Winter2005Winter 2005

Anatomy Of A Hack:How A Criminal Might Infiltrate Your Network

From elevating privileges to running SQL injection attacks, the criminal hacker has quite a few tricks up his sleeve. You'd better know what they are if you're going to keep this malevolent character out of your network. Jesper M. Johansson

Theft On The Web:Theft On The Web: Prevent Session Hijacking

There's a variety of ways that bad guys can take control of your network sessions, and they can do a lot of damage once they do take over. They can steal credit card information, user names, passwords, and more. Find out how to thwart their attempts before it's too late. Kevin Lam, David LeBlanc, and Ben Smith

:Beat Hackers At Their Own Game With A Hackerbasher Site

Wouldn't it be great if you could turn the tables on Web site hack attempts by diverting them to a dead end where you can log all the information the attacker left behind? Here's how you can construct your own web to snare would-be attackers. Marnie Hutcheson

The Day After:The Day After: Your First Response To A Security Breach

They don't call it a post mortem for nothing. After an attack, it's best to assess the situation quickly, before facts slip away and the trail goes cold. Learn what makes a good post-hack post mortem. Kelly J. Cooper

Mixing It Up:Mixing It Up: Windows, UNIX, And Active Directory

Did you know that with Active Directory you can provide centralized security and directory functionality for mixed environments, including those with UNIX-based machines? Find out what you need to achieve the single sign-on functionality you've been hoping for in your heterogeneous environment. Peter Larsen and Jason Zions

Yes, You Can!:Yes, You Can! Secure Your Mac On A Windows Network

Don't let your lack of experience with Apple computers paralyze your attempts to connect them to your Windows-based network. Using Services for Macintosh, even a novice can get Windows and Mac machines to play together nicely. Jay Shaw

Get Smart!:Get Smart! Boost Your Network's IQ With Smart Cards

Brian Komar

Five Lessons From The Microsoft Security Center Of Excellence

Dissecting the paths leading up to Slammer, Blaster, Sasser, and Code Red has allowed the Security Center of Excellence to help customers avoid such chaos in the future. Aaron Turner

Voice Mail In Your Inbox:Voice Mail In Your Inbox: Cisco Unity And Microsoft Exchange Make It Happen

Jeff Centimano

https://technet.microsoft.com/en-us/library/bb978519(v=msdn.10)
https://technet.microsoft.com/en-us/library/cc135917(v=msdn.10)

Columns

Security Watch:Six Free Microsoft Security Resources
Microsoft Baseline Security Analyzer, Port Reporter, plus information on Windows XP SP2, Software Update Services, Microsoft security events, and moreKai Axford
From the Editor:cc160818(v=msdn.10).md
It is with great pride that we present to you the inaugural issue of TechNet Magazine, the Microsoft journal for IT pros. Our goal is simple: we want to be your best source for in-depth technical information about how you can best use Microsoft tools and technologies in your IT job.
Toolbox:New Products For IT Professionals
www.reasoning.comMarnie Hutcheson
Utility Spotlight:Analyze Security Descriptors with searchSd
Your IT department is interested in conducting security audits. The group wants to have statistics generated about the usage of access control entries (ACEs) in their domain deployment. They want to be able to run a job every Sunday at 1:00 A. TechNet Magazine Staff
SQL Q&A:SQL Server Express, Encrypting Data, and More
Your queries answered by Microsoft IT professionals.Edited by Nancy Michell
Office Space:Information Rights Management In Office 2003
Today's knowledge workers deal with sensitive information all the time. This information comes in a variety of formats such as Microsoft Word, Excel, PowerPoint®, and e-mail documents, and it must all be protected from unauthorized access and distribution. Alok Mehta
How IT Works:E-mail Headers
As a network administrator, you've just seen fifty copies of the same e-mail virus sent to your users. How do you know which machine is infected? Is it someone inside your own company or someone external you can block?R'ykandar Korra'ti
Post Mortem:Dissecting A Successful Campus Integration Project
Two colleges in the City University of New York (CUNY) system needed to implement a student retention system. The system, a client/server application, would sit beside an IBM mainframe.Theresa Auricchio
How IT Works:Domain Name System
Without DNS, the Internet would be an ugly place. DNS is one of the services responsible for directing network traffic based on name and numerical IP addresses. Specifically, it's the service that allows users to type in names instead of numbers to locate a Web site or Internet resource. Regis Donovan
Case Study:A 200,000+ Desktop Deployment
Deploying a major software application such as Microsoft® Office 2003 or Microsoft Windows® XP Professional throughout a global enterprise can be a challenge for any IT organization. And just because Microsoft wrote the software doesn't mean internal deployment is a simple process. Steve Reay
Serving the Web:Essential Security Administration For IIS 6.0
IIS 5. 0 administrators are familiar with the important security-related tasks required to harden and maintain a secure Web services environment. The many new features and capabilities of IIS 6. 0, available with every version of Windows Server™ 2003, renders the previous version obsolete. Brett Hill
Round Up:15 Tips For A Smooth Migration To Exchange Server 2003
If you've heard that it's difficult to migrate from Exchange 5.5 to Exchange Server 2003, don't worry—there are steps you can take to simplify the upgrade process.Jenna Lyday
Resources:IIS 6.0 Security
In today's business environment, most organizations are using Web servers to extend products and services to both internal and external customers. At the same time, attackers are increasing their relentlessness and sophistication. Phil Sherwood
TechNet Update:New Benefits Deliver More Value to TechNet Plus Subscribers!
Microsoft is committed to delivering a comprehensive, centralized set of resources to help you solve technical problems, plan and deploy Microsoft technologies, and build your skills. To support this, the Microsoft TechNet Plus 2.
Field Notes:IT And Life Experiences
So here is the situation. You've been here before, a hundred times if not more. Your server worked perfectly, flawlessly serving up Web pages, photos from the company meeting, and departmental memos on cost-cutting measures. Andrew Shuman