So in addition to putting in the server over the Thanksgiving weekend I was also reading a few more chapters in that future Security book that I’ve mentioned earlier in my blog that I’m giving feedback on.  [No, I wouldn’t even dare to call it editing.]  I keep feeling like Michelangelo and Leonardo da Vinci are asking me “so what do you think?” and I’m like standing there going… “Mike, Leo, guys, it looks really good, but can you just change a few things here and there?”

Keep a lookout for it next year from Addison Wesley.  It’s about protecting your network, but it’s way way way more than just RJ45 and TCP/IP packets.  It’s the whole shebang, from the bits and bytes to the people layer — you know — the really hard stuff to secure.  What’s cool about it is that it’s already made me stop and think about how I’ve set up my new network.  I didn’t turn off SMB signing like I normally would have just knee-jerk done.  I disabled nolmhash because I knew I had no Win9X’s in my network.  I so totally winced when I had to get my scanner/copier/printer set back up and realized that the FTP service was not enabled on my server, and had to stick in the CD-ROM and enable it, because I realized I was increasing my “attack surface”.  It’s already made me stop and think.  In fact, as soon as I reincarnate my old server as a member server, I’m moving the FTP to that one.  Granted, I’ll still have FTP enabled inside my network, but it won’t be on the “everything on it including the kitchen sink” domain controller.

Reading the chapters has made me realize that my “eagerness to please and enable” introduces insecurity in my network.  In the newsgroup yesterday, [a] Andrew put forth a document that he wants to give to owners to make them realize that having their employees install software is not a wise move.  Javier made an excellent point that at one point in time he used to think the IT admin who locked down everything was a jerk, and now he’s realizing that that person was just trying to protect his network and was doing the right thing.  SuperG makes the point that your employees’ computers are not “their computers” even though the icon says “My Computer”.

So I guess you probably want to know who the two authors are that are writing the book you should put on your “this is a book you must have in the future” list?  One is Jesper Johansson [whom I call Dr. J because I can never remember if it’s one n or two and one s or two without double-checking] and the other is Steve Riley.  It’s been interesting how many times I’ve seen people mention stuff they’ve learned from their sessions as they’ve traveled the globe giving security summits.  And the funny thing is that I’ve read comments on listservs as varied as a geeky Florida CPA listserv, my SBS listservs, blogs, and web sites.  I keep joking they need to patent or trademark their jokes because I keep seeing them repeated elsewhere.

Put it on your wish list.  It’s a must get/must read in my opinion.

“Hey, Mike, the Chapel looks great, but can you make the figures a little skinnier… and Leo… put a bit more smile on the girl, will ya?”

[a] Please note that if you click on those links, your default newsreader will launch and take you to the sbs2k3 newsgroup.