24 of 24 people found the following review helpful
By A Customer
Verified Purchase(What is this?)
This review is from: Hacking Exposed Windows Server 2003 (Paperback)
First of all let me say that I have purchased 3 Hacking Exposed... titles before this one and I was happy with each of them. I therefore had no problems forking out £25 on this tome......until such times as I actually received it and began to read. This seems little more than a blatant attempt to extort money on the back of a successful series of books.
The amount of W2003 specific material could have been written on the back of a postcard stuck inside the cover. It has a chapter on IIS hacking which starts off telling you that IIS 6 is pretty secure and then fills up page after page of how to hack IIS 5. Ummmmm..didn't you already release (and get paid for) Hacking Windows 2000? This sort of tactic is used to fill up virtually every chapter of the book, with some chapters including such pearls of wisdom as "you should apply the MS00-xx patch", er...that patch would be 4 years old now. Yes I should apply it, but W2003 specific/relevant? Nope, not by a long chalk.
The only pieces of information I found useful were that W2003 domain controllers relax the security on SMB (think RestrictAnonymous) such that a lot of attacks work, and that TS now has a "Deny logon through Terminal Services" user right. They didn't even tell me how to resolve the lower privilege on SMB for DC's issue!! GAH! Save your money.