Forwarded From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Posted To: p1@cmpnetmail.com
BKWNTSCG.RVW 980513
"Windows NT Security Guide", Stephen A. Sutton, 1997, 0-201-41969-6,
U$29.95/C$41.00
%A Stephen A. Sutton sutton@trustedsystems.com
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D 1997
%G 0-201-41969-6
%I Addison-Wesley Publishing Co.
%O U$29.95/C$41.00 416-447-5101 fax: 416-443-0948 bkexpress@aw.com
%P 373 p.
%T "Windows NT Security Guide"
Part one deals with issues of interest to users. Chapter one is a
conceptual introduction to security and the NT system. The material
is informal. This makes it easy to read, but also sacrifices
completeness. Sutton's idiosyncratic structure is weak in certain
areas; for example, reliability. The content is also lavish in its
praise of Microsoft and NT, and seemingly unwilling to admit to any
weak areas or flaws. Accounts, and the domain model, and reviewed in
chapter two. (Illustrations are heavily used, and could be helpful
were it not for the fact that so many have serious errors.) The
working environment, in chapter three, holds a rather random
assortment of features but concentrates on the NT security window,
rather mystically referred to as the "Trusted Path." (Both this term
and "Trusted Computer Base" are specific referents of the "Trusted
Computer System Evaluation Criteria" of the US Department of Defense,
better known as the "Orange Book". Neither term is used in the
specific manner defined by the Orange Book.) The structure of the
presentation seems to be intent on showing off, frequently querying
the user before having provided the answer. (On the other hand, one
formal exercise asks whether the user should enter a password into a
specific request box on the screen, and immediately tells you that NT
does not use that request box.) Chapter four goes into a lot of
detail on ACLs (Access Control Lists) but, in common with all too many
security books, does not present a completely clear picture of
effective rights in the case of combinations of permissions. A number
of situations where the same user name can be handled differently are
looked at in chapter five.
Part two involves administrative tasks. Chapter six covers the
mechanics of domain administration quite well, but the actual planning
is not dealt with in depth. Management of accounts is the topic of
chapter seven. Auditing and logging is covered in fair detail in
chapter eight. Although chapter nine is nominally about the Internet
and intranets, most of the space is dedicated to general discussions
of encryption. Details of algorithms are minimal, and a number of the
topics covered have only tangential relevance to NT. Chapter ten is a
grab bag of topics including the Registry, system policies, and
printers. The "Trusted Computing Base," in chapter eleven, seems to
refer to computer hardware and software assets, but the protection of
these assets is not well explained. (One of the author's major fears
seems to be viruses, but despite a great many mentions there is little
realistic information about them in the book.) Chapter twelve closes
off with a checklist summary of section titles from the book to this
point.
Part three is a single chapter, on assessment of NT security. Much of
this chapter is dedicated to proving that NT does not need to conform
to the "Orange Book" levels.
The stated intent of the book is to provide security information both
to users of Windows NT, and to network administrators. In reality,
users would need "cookbook" style recommendations that could be put
into practice immediately, and which are generally missing from the
book. Administrators need a more complete and well rounded approach
to the topic, particularly addressing vulnerabilities in NT itself
(such as the built-in and well known standard accounts). For those
with no background in security the book provides a little knowledge.
However, note the proverbial danger of a little knowledge,
particularly in cases where overconfidence can lead to disaster.
copyright Robert M. Slade, 1998 BKWNTSCG.RVW 980513
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Jul 6 16:21:55 1998