DOCSLIB.ORG

Assessing Network Security.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

PUBLISHED BY Microsoft Press A Division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2004 by Ben Smith, David LeBlanc, Kevin Lam All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Library of Congress Cataloging-in-Publication Data Lam, Kevin. Assessing Network Security/ Kevin Lam, David LeBlanc, Ben Smith. p. cm. Includes index. ISBN 0-7356-2033-4 1. Computer networks--Security measures. I. LeBlanc, David, 1960- II. Smith, Ben. III. Title. TK5105.59.L36 2004 005.8--dc22 2004049997 Printed and bound in the United States of America. 1 2 3 4 5 6 7 8 9 QWT 9 8 7 6 5 4 Distributed in Canada by H.B. Fenn and Company Ltd. A CIP catalogue record for this book is available from the British Library. Microsoft Press books are available through booksellers and distributors worldwide. For further information about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/learning/books/. Send comments to [email protected]. Active Directory, ActiveX, Encarta, FrontPage, Hotmail, InfoPath, Microsoft, Microsoft Press, MSDN, MSN, Outlook, Visual Basic, Win32, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. This book expresses the author’s views and opinions. The information contained in this book is provided without any express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book. Acquisitions Editor: Martin DelRe Project Editor: Karen Szall Technical Editor: Ramsey Dow Indexer: Bill Meyers Body Part No. X10-46140 To my mother, my “little” sister, Tiger and close friends—you amaze me with your love, support and your ability to tolerate me day in and day out. —Kevin In memory of Merlin who was a good friend for many years. Finishing this book was much harder without you. Merlin: 9/19/1992–1/16/2004. —David To Beth, for enduring another book; thank you for everything. —Ben Contents at a Glance Part I Planning and Performing Security Assessments 1 Introduction to Performing Security Assessments 3 2 Key Principles of Security 21 3 Using Vulnerability Scanning to Assess Network Security 37 4 Conducting a Penetration Test 57 5 Performing IT Security Audits 75 6 Reporting Your Findings 89 7 Building and Maintaining Your Security Assessment Skills 99 Part II Penetration Testing for Nonintrusive Attacks 8 Information Reconnaissance 117 9 Host Discovery Using DNS and NetBIOS 137 10 Network and Host Discovery 153 11 Port Scanning 167 12 Obtaining Information from a Host 179 13 War Dialing, War Driving, and Bluetooth Attacks 195 Part III Penetration Testing for Intrusive Attacks 14 Automated Vulnerability Detection 223 15 Password Attacks 239 16 Denial of Service Attacks 255 17 Application Attacks 269 18 Database Attacks 281 19 Network Sniffing 301 20 Spoofing 319 21 Session Hijacking 333 22 How Attackers Avoid Detection 355 23 Attackers Using Non-Network Methods to Gain Access 379 v vi Contents at a Glance Part IV Security Assessment Case Studies 24 Web Threats 399 25 E-Mail Threats 431 26 Domain Controller Threats 457 27 Extranet and VPN Threats 477 Part V Appendixes A Checklists 497 B References 515 Table of Contents Acknowledgments xxi Foreword xxiii Introduction xxvii Part I Planning and Performing Security Assessments 1 Introduction to Performing Security Assessments 3 Role of Security Assessments in Network Security 4 Why Does Network Security Fail? 5 Human Factors 6 Policy Factors 7 Misconfiguration 9 Poor Assumptions 11 Ignorance 12 Failure to Stay Up-to-Date 13 Types of Security Assessments 13 Vulnerability Scanning 14 Penetration Testing 16 IT Security Auditing 17 Frequently Asked Questions 18 2 Key Principles of Security 21 Making Security Easy 21 Keeping Services Running 22 Allowing the Right Users Access to the Right Information 22 Defending Every Layer as if It Were the Last Layer of Defense 22 Keeping a Record of Attempts to Access Information 23 Compartmentalizing and Isolating Resources 24 Avoiding the Mistakes Everyone Else Makes 25 Controlling the Cost of Meeting Security Objectives 26 What do you think of this book? Microsoft is interested in hearing your feedback about this publication so we can continually improve our books and learning resources for you. To participate in a brief We want to hear from you! online survey, please visit: www.microsoft.com/learning/booksurvey/ viii Table of Contents Risk Management 27 Learning to Manage Risk 27 Risk Management Strategies 30 Immutable Laws 31 Frequently Asked Questions 35 3 Using Vulnerability Scanning to Assess Network Security 37 Setting a Scope for the Project 38 Defining the Target 38 Defining the Target Scope 43 Defining Types of Vulnerabilities 44 Determining Goals 45 Choosing a Technology 46 Tools and Managed vs. Unmanaged Targets 47 Checklist for Evaluating Tools 49 Creating a Process for Scanning for Vulnerabilities 51 Detecting Vulnerabilities 51 Assigning Risk Levels to Vulnerabilities 53 Identifying Vulnerabilities That Have not Been Remediated 53 Determining Improvement in Network Security Over Time 53 Creating a Process for Analyzing the Results 54 Frequently Asked Questions 54 4 Conducting a Penetration Test 57 What the Attacker Is Thinking About 58 Notoriety, Acceptance, and Ego 59 Financial Gain 59 Challenge 61 Activism 62 Revenge 62 Espionage 62 Information Warfare 63 Defining the Penetration Test Engagement 64 Setting the Goals 64 Setting the Scope 69 Performing the Penetration Test 69 Locating Areas of Weakness in Network or Application Defenses 70 Table of Contents ix Determining How Vulnerabilities Were Compromised 71 Locating Assets that Could be Accessed, Altered, or Destroyed 71 Determining Whether the Attack Was Detected 73 Identifying the Attack Footprint 73 Making Recommendations 74 Frequently Asked Questions 74 5 Performing IT Security Audits 75 Components of an IT Security Audit 75 Policy 76 Processes and Procedures 78 Operations 79 Preliminary Decisions 80 Legal Considerations 80 Regulatory Considerations 81 Operational Considerations 82 Organizational Considerations 82 Planning and Performing the Audit 83 Building Your Audit Framework 83 Setting the Scope and Timeline 86 Obtaining Legal and Management Approval 86 Completing the Audit 87 Analyzing and Reporting the Results 87 Frequently Asked Questions 88 6 Reporting Your Findings 89 Guidelines for Reporting Your Findings 89 Concise and Professional 90 Technically Accurate 91 Objective 91 Measurable 92 Framework for Reporting Your Findings 92 Define the Vulnerability 92 Document Mitigation Plans 95 Identify Where Changes Should Occur 96 Assign Responsibility for Implementing Approved Recommendations 97 Frequently Asked Questions 97 x Table of Contents 7 Building and Maintaining Your Security Assessment Skills 99 Building Core Skills 99 Improving Network, Operating System, and Application Skills 99 Developing Programming Skills 101 Practicing Security Assessments 103 Staying Up-to-Date 105 Finding a Course 106 Choosing a Conference 110 Internet-Based Resources 111 Internet Mailing Lists 111 Security Bulletins 112 Security Websites 112 Frequently Asked Questions 114 Part II Penetration Testing for Nonintrusive Attacks 8 Information Reconnaissance 117 Understanding Information Reconnaissance 118 Registrar Information 120 Determining Your Registrar Information 120 Countermeasures 122 IP Network Block Assignment 122 Determining Your Organization’s IP Network Block Assignment 123 Countermeasures 125 Web Pages 125 Reviewing Web Server Content 126 Countermeasures 129 Search Engines 129 Reviewing Your Website with Search Engines 129 Countermeasures 132 Public Discussion Forums 133 Taking a Snapshot of Your Organization’s Exposure 133 Countermeasures 134 Frequently Asked Questions 135 Table of Contents xi 9 Host Discovery Using DNS and NetBIOS 137 Using DNS 137 Common Record Types 138 Examining a Zone Transfer 146 Using NetBIOS 148 Using LDAP 151 Frequently Asked Questions 151 10 Network and Host Discovery 153 Network Sweeping Techniques 154 ICMP Sweeps 156 UDP Sweeps 158 TCP Sweeps 158 Broadcast Sweeps 159 Countermeasures 160 Network Topology Discovery 162 Trace Routing 163 Firewalking 164 Countermeasures 165 Frequently Asked Questions 165 11 Port Scanning 167 TCP Connect Scans 168 Custom TCP Scans 171 SYN Scans 172 FIN Scans 172 SYN/ACK and ACK Scans 173 XMAS Scans 173 Null Scans 173 Idle Scans 173 UDP Scans 174 FTP Bounce Scans 176 Port Scanning Tips and Tricks 176 Fragmentation and Port Scans 177 Port Scanning Countermeasures 178 Frequently Asked Questions 178 xii Table of Contents 12 Obtaining Information from a Host 179 Fingerprinting 179 IP and ICMP Fingerprinting 180 TCP Fingerprinting 182 Countermeasures 183 Application Fingerprinting 183 Countermeasures
Recommended publications
  • Illustrated Tutorial: Creating a Bootable USB Flash Drive for Windows XP

    Illustrated Tutorial: Creating a Bootable USB Flash Drive for Windows XP

    Illustrated tutorial: Creating a bootable Version 1.0 February 15, 2007 USB flash drive for Windows XP By Greg Shultz The ability to boot Windows XP from a USB Flash Drive (UFD) offers endless possibilities. For example, you might make an easy-to-use troubleshooting tool for booting and analyzing seemingly dead PCs. Or you could transport your favorite applications back and forth from home to work without having to install them on both PCs. However, before you can create a bootable UFD, you must clear a few hurdles. You saw that one coming didn’t you? The first hurdle is having a PC in which the BIOS will allow you to configure the USB port to act as a bootable device. The second hurdle is having a UFD that that will work as a bootable device and that’s large enough and fast enough to boot an operating system such as Windows XP. The third hurdle is finding a way to condense and install Windows XP on a UFD. If you have a PC that was manufactured in the last several years, chances are that its BIOS will allow you to configure the USB port to act as a bootable device. If you have a good qual- ity UFD that’s at least 512 KB and that was manufactured in the last couple of years, you’ve probably cleared the second hurdle. And once you’ve cleared those first two hur- dles, the third one is a piece of cake. All you have to do is download and run some free soft- ware to create the bootable UFD.
  • Windows Server 2012 Refresh: How to Manage the Migration

    Windows Server 2012 Refresh: How to Manage the Migration

    WINDOWS SERVER 2012 REFRESH: HOW TO MANAGE THE MIGRATION A guide to overcoming the challenges during the transition from Windows Server 2003 to Windows Server 2012 TABLE OF CONTENTS 5 Performing an application inventory 8 Upgrading Active Directory 9 Considering a hardware refresh 12 A move to virtualization 13 Certification, compliance and security 2 “Let’s face it. It’s the applications you’re running that are driving use of Windows Server 2003. Those are the things that are the beginning and end of what the Windows migration is all about.” AL GILLIN Program Vice President for Servers and System Software at IDC 3 INTRODUCTION With support ending for Windows Server 2003 in July 2015, companies need to ensure that their servers will adequately support the latest server OS and critical applications. By upgrading to Windows Server 2012, companies can increase their parallel computing capabilities and gain improved control over power consumption. Upgrading to the latest version of Windows Server brings the opportunity for businesses to lower their operating costs. “It’s an expensive proposition to continue supporting those old operating systems,” said Al Gillin, program vice president for servers and system software at IDC. Running one operating system rather than varieties of Server 2008, 2008 R2 and Server 2003R2 will make IT data centers more efficient. “If you have four different versions in place like that, that makes it more difficult for you to run your infrastructure,” Gillin said. When preparing for a Windows Server migration, companies should test all applications using a software tool such as Dell ChangeBASE before going live in the new OS.
  • KINSHIP CARE RESOURCE KIT for Community and Faith-Based Organizations

    KINSHIP CARE RESOURCE KIT for Community and Faith-Based Organizations

    KINSHIP CARE RESOURCE KIT for Community and Faith-Based Organizations Helping Grandparents and Other Relatives Raising Children Children’s Defense Fund LEAVE NO CHILD BEHIND Understanding Kinship Care: What You Need to Know About Grandparents and Other Relatives Raising Children “The most difficult thing for me out of all this has “He is the best thing that ever been trying to find some peace and happiness happened to me.” for my grandchildren and myself. To look at the broader scope of what all this will mean ... My job is Señor C. has never questioned his decision to to do the best for them I know how and thank raise his grandson. The child’s parents were God for them.” troubled and never really wanted to be a part of — Grandparent caregiver, Washington, D.C. his life. From the beginning, Señor C. and his wife, both natives of Puerto Rico, believed that their grandson was a gift from God. He belonged Kinship care families are everywhere. Across the to them. Since his wife died five years ago, country, millions of grandparents and other relatives Señor C. and his grandson find solace and sup- have stepped forward to care for children whose port in each other. Señor C. says his grandson’s parents are unable or unwilling to raise them. local school and the after-school programs it According to the 2000 U.S. Census, more than 2.4 offers have been lifesavers for the family. They million grandparents reported that they were provide meals, recreational activities, and, most responsible for meeting the basic needs of their importantly, other adults to help watch over his grandchildren.
  • Resource Kit User Guide © 2019 Quest Software Inc

    Resource Kit User Guide © 2019 Quest Software Inc

    Quest® Migration Manager for Active Directory 8.14 Resource Kit User Guide © 2019 Quest Software Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser’s personal use without the written permission of Quest Software Inc. The information in this document is provided in connection with Quest Software products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Quest Software products. EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, QUEST SOFTWARE ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL QUEST SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST SOFTWARE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest Software makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice.
  • Kinship Care Resource Kit Cash Assistance

    Kinship Care Resource Kit Cash Assistance

    Table of Contents Cash Assistance . 2 Child Care and Early Education . 5 Child Support . 10 Child Welfare and Kinship Foster Care. 13 Children with Physical and Mental Disabilities . 17 Domestic Violence . 22 Education . 24 Food and Nutrition . 26 Health Care . 28 HIV/AIDS . 30 Housing . 34 Incarcerated Parents . 39 Juvenile Justice. 42 Legal Options . 44 National Family Caregiver Support Program . 47 Senior Resources . 49 Substance Abuse . 51 Children’s Defense Fund • Kinship Care Resource Kit Cash Assistance any grandparents and other relative care- their own homes or in the homes of relatives.” As a givers already are living on limited incomes. result, all states have cash assistance programs to help MThe added expense of raising a child may children and their families. Each state has a different make it even more difficult to make ends meet. name for its TANF program, such as Colorado Works Your community or faith-based organization can or Arkansas’ Transitional Employment Assistance help by letting kinship caregivers know that they can (TEA) program. Each state also offers a different apply to their state for cash benefits on behalf of the monthly payment. For a list of the names of the children under their care. While the amount of the TANF programs in each state, log on to www.acf.hhs. monthly benefit varies by state, the extra income gov//programs/ofa/tnfnames.htm, or call 1-800- may be just what the caregiver needs to take the best 333-4636. You can also link directly to your state’s possible care of his or her child.
  • SECD Resource Kit SECD Resource Kit

    SECD Resource Kit SECD Resource Kit

    SECD Resource Kit SECD Resource Kit AKDN AGA KHAN DEVELOPMENT NETWORK Copyright © 2015 Red River College and Aga Khan Development Network. All Rights Reserved. No part of the publication may be reproduced, stored in a retrieval system, transmitted or utilized in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without permission in writing from the publisher, except for non-commercial, educational users. scienceofecd.com | SECD Resource Kit TABLE OF CONTENTS Background ..........................................................................ii What is in the Resource Kit? ........................................................iv How to use the Resource Kit ........................................................vi Workshop tips ......................................................................viii Topics Brain development ..........................................................11 Nurturing care ..............................................................35 Play .........................................................................53 Language and literacy. 83 Positive guidance ..........................................................115 Appendix ..........................................................................140 scienceofecd.com | SECD Resource Kit ii iii INTRODUCTION Background The Science of Early Child Development (SECD) is a knowledge mobilization initiative designed to make current research accessible to anyone interested in learning more about the profound impact of the
  • When Windows 2000 Or Windows Server 2003 Is Introduced

    When Windows 2000 Or Windows Server 2003 Is Introduced

    IMPORTANT INFORMATION FOR PRIMERGY CUSTOMERS July 11th, 2007 FUJITSU, LTD. NOTICE: Any server using an Intel Xeon 7100 or higher model CPU and has either Windows 2000, Windows 2000 Server, or Windows 2003 Server installed may encounter a “blue screen.” The problem occurs when the operating system running on a computer with a fast processor and a large L3 cache encounters a timing problem with asynchronous hardware. Although Fujitsu has not received any reports of this problem to date, there is a possibility that PRIMERGY server products may be affected. Problem: Any computer running any edition of Windows 2000, Windows 2000 Server, or Windows 2003 with an Intel Xeon processor (model 7100 or higher) that utilizes a large L3 cache may generate a “blue screen.” An error similar to: STOP 0x0000008E(parameter1, parameter2, parameter3, parameter4) KERNEL_MODE_EXCEPTION_NOT_HANDLED or STOP 0x0000001E(parameter1, parameter2, parameter3, parameter4) KERNEL_MODE_EXCEPTION_NOT_HANDLED may be displayed with Windows 2003-based and Windows 2000-based computers, respectively. Affected Operating Systems: Microsoft® Windows® 2000 Server Microsoft® Windows® 2000 Advanced Server Microsoft® Windows Server® 2003, Standard Edition (*) Microsoft® Windows Server® 2003, Enterprise Edition (*) (*)This problem has been corrected in Service Pack 1 for Windows Server 2003. Therefore Windows 2003 Server SP1 is not affected by this problem. Affected Fujitsu PRIMERGY models: The following models use Intel Xeon 7100 or higher processors. PRIMERGY Models, Product Codes, and CPU z PRIMERGY RX600 S3 (SAS), Product codes PGR603D* and PGR603B* ¾ Dual Core Intel® Xeon® Processor 7140M (3.40GHz)/7120M (3GHz) z PRIMERGY RX600 S3, Product codes PGR6038* and PGR6036* ¾ Dual Core Intel® Xeon® Processor 7140M (3.40GHz)/7120M (3GHz) * Changes by type.
  • Download Deploying Windows 7, Essential Guidance

    Download Deploying Windows 7, Essential Guidance

    FROM THE Windows® 7 Resource Kit Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the Windows 7 Team at Microsoft I Chapter 3 Deployment Platform .............................................. 85 I Chapter 4 Planning Deployment ............................................ 113 I Chapter 5 Testing Application Compatability ........................... 139 I Chapter 6 Developing Disk Images ......................................... 179 I Chapter 7 Migrating User State Data ...................................... 223 I Chapter 8 Deploying Applications .......................................... 247 I Chapter 9 Preparing Windows PE ........................................... 273 I Chapter 10 Confi guring Windows Deployment Services .............. 293 I Chapter 11 Using Volume Activation ........................................ 335 I Chapter 12 Deploying with Microsoft Deployment Toolkit ........... 355 DEPLOYING WINDOWS 7 83 Chapter 3 Deployment Platform n Tools Introduction 85 n Windows 7 Deployment Terminology 87 n Platform Components 89 n Deployment Scenarios 99 n Understanding Setup 101 n Basic Deployment Process 105 n Microsoft Deployment Toolkit Process 107 n Summary 110 n Additional Resources 111 uilding on technology that the Windows Vista operating system introduced, Windows 7 Bdeployment technology has evolved significantly since Windows XP Professional . For example, it supports file-based disk imaging to make high-volume deployments quicker, more efficient, and more cost effective . The Windows 7 operating system also provides
  • Windows Server 2003 R2, Windows Server 2008 R2, and Windows Server 2012

    Windows Server 2003 R2, Windows Server 2008 R2, and Windows Server 2012

    Feature Comparison Windows Server 2003 R2, Windows Server 2008 R2, and Windows Server 2012 Contents Introduction ............................................................................... 3 Top Ten Features ...................................................................... 4 General Features Overview .................................................... 8 © 2012 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. Feature Comparison: Windows Server 2003 R2, Windows Server 2008 R2, and Windows Server 2012 2 Introduction This feature comparison guide compares selected features of Windows Server 2003 R2, Windows Server 2008 R2, and Windows Server 2012. The “Top Ten Features” section provides an overview of some of the most important features of Windows Server 2012, and the “General Features Overview” section compares a wider-range of features across all three releases. The comparison tables in both sections include comments in regard to each release, as well as notation about how well each feature is supported. The legend for this notation is as follows: Level of Feature Support Feature is supported Feature is only partially supported Feature is not supported Feature Comparison: Windows Server 2003 R2, Windows Server 2008 R2, and Windows Server 2012 3 Top Ten Features This section provides an overview of the top ten features of Windows Server 2003
  • Migrating from Windows 2000 to Windows Server 2003

    Migrating from Windows 2000 to Windows Server 2003

    23 0672326671 CH17 4/15/04 10:56 AM Page 463 CHAPTER 17 IN THIS CHAPTER •Windows Server 2003 Migrating from Migration Overview • Beginning the Migration Windows 2000 to Process Windows Server 2003 • Upgrading a Single Member Server • Upgrading a Windows 2000 Active Directory Forest Windows Server 2003 • Upgrading Separate AD Migration Overview Forests to a Single Forest In many ways, a migration from Windows 2000 to Windows Using Mixed-Mode Domain Server 2003 is more of a service pack upgrade than a major Redirect migration scenario. The differences between the operating • Consolidating and Migrating systems are more evolutionary than revolutionary, and there Domains Using the Active subsequently are fewer design considerations than in upgrades from the NT 4.0 operating system. Directory Migration Tool v2.0 That said, several immediate improvements to the operating • Consolidating a Windows system can be realized through migration to Windows Server 2000 Domain to a Windows 2003, whether by migrating all servers immediately or by Server 2003 Domain Using using a slow, phased approach. Improvements to Active ADMT v2.0 Directory (AD), such as the ability to rename domains and • Best Practices greater scalability, provide incentive for Windows 2000 Active Directory environments to begin migration. Standalone server improvements such as Terminal Services, File and Print Server improvements, Automated Server Recovery, and many more also serve to encourage migrations. This chapter focuses on the planning, strategy, and logistics of migration from Windows 2000 to Windows Server 2003. In addition, specialized procedures such as using Mixed-Mode Domain Redirect and migrating using the Active Directory Migration Tool (ADMT) are described, and step-by-step instructions complement these processes.
  • Windows Server 2003 End of Support One Year Later

    Windows Server 2003 End of Support One Year Later

    Windows Server 2003 End of Support One Year Later There's an elephant in the room..Windows Server 2003 Windows Server 2003 has been unsupported by Microsoft for almost a year now, with a number of organizations taking a custom support agreement from Microsoft while they plan their modernization. The increased costs & risk incurred with running on an unsupported platform will continue to rise with age, including the doubling, and doubling again of support agreements cost over the next two years. Avanade can help you understand the steps to get started on your modernization journey, how to drive new business value from it, and the ways in which you can achieve it. Avanade’s portfolio of Windows Server 2003 Use Windows Server 2003 end modernization solutions of support as a catalyst for your Business Case – Gain insight into best practices & build your modernization business case IT modernization Modernization Proof of Concept – Full Server 2003 retirement report & migration of two applications ©2016 Avanade Inc. All rights reserved. Windows Server 2003 End of Support One Year Later The Elephant In The Room Enterprises still relying on Windows Server 2003 are faced with two options, do something and purchase a custom support agreement (CSA) from Microsoft or do nothing and run the risk of using an unsupported operating system. Infection rate by server operation system Third and fourth quarters of 2014 8 Microsoft Custom Support Agreements 7 3Q14 Example 1500 server environment 6 4Q14 5 $900k $1.8M $3.6M 4 3 2 Computers cleaned per 1000 scanned 1 2015 2016 2017 0 Server Server Server Server Server 2003 SP2 2008 SP2 2008 R2 2012 2012 SP2 Cost of doing something Cost of doing nothing Microsoft custom support agreement (CSA) fees are set to Microsoft data shows that Windows Server 2003 infection rates double and double again in the next two years1.
  • GENESIS32 – DCOM on Windows XP and Server 2003 in a Domain December 2007 Description: Guide to Setup DCOM on a Windows XP Or 4

    GENESIS32 – DCOM on Windows XP and Server 2003 in a Domain December 2007 Description: Guide to Setup DCOM on a Windows XP Or 4

    GENESIS32 – DCOM on Windows XP and Server 2003 in a Domain December 2007 Description: Guide to setup DCOM on a Windows XP or 4. The My Computer Properties window will open. Click on Windows Server 2003 Operating System when computers are in the Default Properties tab, and match the properties as a domain on the Local Area Network. shown in Figure 2. OS Requirement: Windows XP/Server 2003. General Requirement: In order to communicate OPC data between different PCs via DCOM in a domain, the following requirements apply: • All GENESIS32 machines must be in the same domain on the LAN. • All GENESIS32 machines must be logged in to the operating system with a domain user. • The password must not be blank or “admin”. • The user must have administrative privileges to the local PC to change the DCOM settings. • Windows XP machines must have SP1 installed. Introduction For GENESIS32 Applications to communicate via DCOM, it is necessary to allow Access and Launch permissions for specific users. This application note explains how to setup DCOM on a Windows XP or Windows Server 2003 Operating System, for the most wide-open permissions. It is usually helpful to develop your application with wide-open communications to be sure that it all works properly. After you have completed your Figure 2 - My Computer Default Properties development, you will want to tighten these permissions until you reach a desired level of security 5. Next we have to add user permissions to the Default Security. Click the Default COM Security tab as shown in Editing DCOM Settings Figure 3 1.