Hardening Windows Systems. By Roberta Bragg; published by McGraw-Hill Osborne Media, 877/833-5524 (phone), www.osborne.com (Web); 544 pages; $39.99.
Does a week ever go by without a major Windows vulnerability coming to light? It is evident that, prior to Windows XP Service Pack 2, the operating system was geared to file and printer sharing, not security. Among security professionals, the common view is that the best way to secure Windows is to use a more secure operating system such as Linux.
Windows isn't going away, however, and probably millions of businesses will continue to use that platform. These systems should be hardened against attack, a task made easier by this resourceful and practical book.
Hardening Windows Systems provides users a solid guide to implementing security on various Windows operating systems, attempting to close the many holes that have plagued Windows. Chapters cover infrastructure, physical security, communications, security policies, and more.
Valuable security-setting tables and checklists are offered for a vast number of different Windows security services, settings, and parameters. These tables and checklists ensure a systematic approach to system hardening.
Some readers might be overwhelmed by the prodigious number of modifications needed to ensure that a Windows host is indeed secure. Making those modifications is a dirty job, but this book makes it a lot less messy.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a senior security consultant with ThruPoint, Inc. He is a member of ASIS International.