

SANS Reading Room - Book Reviews: Windows XP Professional Security

By Chris Weber and Gary Bahadur

Windows XP Professional is an intuitive and feature-packed operating system. However, my XP laptop (affectionately known as Crash because it often does several times a week) never leaves my house. When I go on travel, I shut down Crash and put him in the safe. This is because I do not know how to secure my XP for the hostile environment outside of my home firewall systems, but with my copy of XP Professional Security, I am learning fast.

This is a great security operating manual. If you have Windows XP Professional and hook up to a network without reading and applying the information in this book, you are asking for trouble. I have exactly two caveats or concerns about the book and then we can talk about all the good stuff.

- The authors and technical team are really smart and their information can get you farther along the road to a reasonable level of security than any other source I know, but they do not know everything. Defense in depth rules -- add the personal firewall, make backups every seven seconds and you will be fine.

- The beginning of the book does not inspire the prospective customer to purchase the book. There are pages and pages of front matter, then you turn to Chapter 1 and the entire chapter is a list. Granted, it is an important list, an exhaustive coverage of the XP Security Settings, but it is the kind of list most people would put in an appendix. That is the main reason I am taking the time to write this review. If I were just browsing in a bookstore, I would pick this book up, flip through the first few chapters, mutter "boring" and set it down. But if you do that, you lose out!

What can you expect to find in the book? Chapter 2 is titled Software Restriction Policies. Where is it written that an install wizard should dictate your system's security policy? Take control with the knowledge you learn in Chapter 2 (though, granted, some ill-behaved wizards and programs will probably fail when you do). Of course, you can't say Windows without saying registry, and Chapter 3 discusses these settings with the classic backup-first caveat.

Chapter 4 is about File System Security, which hasn't changed much from Windows 2000, but you will find all the permissions and auditing information you need in one handy place. Chapter 5, File System Enhancements, covers fast user switching, the firewall, shared documents, as well as enhancements to features that were included in Windows 2000 but didn't really work. Chapter 6 is your basic User and Group Management.

The next section of the book deals with Network Security and covers IPSec, Firewalls, Wireless Security (say what?), Remote Admin and Patch Management.

Part III of XP Security is the standard Active Directory discussion, but it is complete and coherent, everything you need to know, nothing you don't. Of course we have a discussion of the .NET framework and finally a fascinating chapter covering Internet Services, one of which is an IIS Lockdown Tool. As a major IIS vulnerability was released just today and since we have hard evidence the exploit has already been running for days, it might be time to take that puppy out for a spin.

The final section of the book is my favorite! The two chapters are Penetration Testing and Incident Response, and they have a different voice than the rest of the book. I found them fun to read and, like the rest of the book, packed with useful information.

The definition of a great technology book is that you keep it on the shelf just above your workstation where you can reach it without getting up and you find it in your lap multiple times a week. This book is within arm's reach for me!

Stephen Northcutt - The SANS Institute

Cost is about $35.00
Amazon
http://www.amazon.com/exec/obidos/tg/detail/-/0072226021/qid=1047964699/sr=8-1/ref=sr_8_1/104-1567526-2203912?v=glance&s=books&n=507846


Barnes and Noble
http://btobsearch.barnesandnoble.com/booksearch/isbnInquiry.asp?userid=54DQOCZ2J2&btob=Y&isbn=0072226021&itm=8


NOTE: This book review is dated March 17, 2003 and should be useful for about one year. After that, the number of changes via patches to the operating system will probably require an update of the book.

