About the Companion CD


The companion CD includes sample code and numerous tools to help build secure Web-based applications by using the tools we outline in the book. It also includes an electronic version of the book, which includes six appendixes that do not appear in the printed book. First, let's look at the appendixes.

Appendix A, "Windows 2000 Well-Known SIDs," lists the accounts installed on all Windows 2000-based computers and the tasks they perform, if applicable. Appendix B, "Strong Passwords," shows how to create strong, but memorable (to you!), passwords. Appendix C, "Windows 2000 Default Ports," is a list of TCP and UDP ports used by Windows 2000-based computers. This is important information for firewall administrators. Appendix D, "Internet Information Services Authentication Summary," lists the characteristics of all the authentication protocols supported by IIS 4 and IIS 5. Appendix E, "Security-Related IIS Server Variables," explains all the server variables that can be used to help you develop secure Web applications. Appendix F, "Secure Web Server Checklist," is the IIS 5 version of the famous IIS 4 security checklist. It's designed to work with the Hisecweb.inf configuration file found on the companion CD.

The tools and files included on the companion CD are described in the following table.

Tool Comments
Hisecweb.inf A Security Configuration Editor template for a secure Web server. You can deploy the template as outlined in Chapter 3.
KList Kerberos ticket listing tool.
KerbParser A Kerberos parser for Microsoft Network Monitor.
RUAdmin A tool that warns you if you have administrator-like privileges when you log on.
TPFX2 A tool to add a Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate to IIS 5 from the command line.
CryptUtil A COM+ component to generate cryptographically sound random numbers in Active Server Pages (ASP). Includes source code.
RandomGoo A Microsoft Windows CE 3.0 application for MIPS and SH3 Pocket PCs to produce random data. Useful for deriving strong passwords.
WhatIf A DHTML tool to determine which security settings support delegation.
WFetch A highly configurable client tool that behaves like a browser. You can configure many settings, including authentication protocol requirements, SSL/TLS ciphers and protocols, client authentication certificate types, and proxy server information.
TranslateName A tool that performs Active Directory lookups to translate between various name types such as SAM-compatible and UPN names. Includes C++ source code.
PerlScripts Various Perl scripts for maintaining a secure server. The scripts include:

  • Attacks.pl Analyzes IIS W3C log files for common attack signatures.
  • Buffy.pl Analyzes C and C++ source code for common buffer-overrun problem APIs.
  • IP.pl Pings a subnet. For use with Network Monitor.
  • Parselog.pl Parses IIS W3C log files, and displays all unique fields.
  • Pingsubnet.pl Pings a subnet and looks for open ports.
  • Syn.pl Parses netstat output looking for SYN floods.
  • Scan A port scanning tool.
  • Uptime A tool that generates HTML pages showing Web server uptime.
End2End Code for building the sample end-to-end solution defined in Chapter 10 and sample administration scripts.

There are four directories, each relating to a specific computer used in the solution defined in Chapter 10.

00-WebServer:

  • ExAirConfig.vbs Creates the Exploration Air sample virtual directories on IIS 5.
  • WebContent Contains the two files used to make up the IIS Web site.

01-Middleware:

  • DBQuery.dll The COM+ DLL that implements data access with SQL Server. The DLL exposes two methods, the more important of which is WhoAmI, which returns the name of the user determined by SQL Server.
  • Source Contains the Visual Basic 6 source code for DBQuery.

02-DBServer:

  • ExAirHR.sql Contains the SQL Server script to set up the ExAir database.

03-DomainController:

  • AddUsers.js and Accounts.xml Set the default users, Alice, Bob, Cheryl, and AppAccount in Active Directory.
  • SetDelg.js Sets or resets the Trusted For Delegation capability of a computer.



Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
Year: 1999
Pages: 138
