Securing Windows NT/2000 Servers for the Internet by Stefan Norberg Following are the changes made in the 4/01 reprint. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification (x) In the second line of the last paragraph, changed "(over 700 pages)" to "(over 7,000 pages)." (16) The last sentence of the first paragraph under the heading "The Windows NT/2000 Architectures" did read: "I particularly recommend Inside Windows NT, Third Edition by James D. Murray (O'Reilly & Associates, 1999)." Now reads: "I particularly recommend Inside Windows 2000, Third Edition, by David A. Solomon and Mark E. Russinovich (Microsoft Press, 2000)." {50} In the table at the bottom of the page, changed "REG_DWORD" to "REG_SZ". <116> The following sentence has been added at the end of the Tip: "Note that Rdpclip does not work with the new Terminal Services Advanced Client." <117> Lines 7-8 of the third paragraph did read: "...is available from the Franken Archives FTP site (ftp://ftp.franken. de/pub/win32/develop/gnuwin32/cygwin/porters/Vinschen_Corinna/V1.1.1/)" Now reads: "...is available from the Cygwin web site (http://www.cygwin.com/ openssh.html) or from the OpenSSH web site (http://www.openssh.com/ portable.html) {143} The description for /v did read: "Indicates that the backup should perform a verify operation after the restore." Now reads: "Indicates that a verify operation should be performed after the backup." [150] Figure 6-3 has been replaced with a screenshot that matches its caption ("Audit Policy settings in Windows 2000"). [150-151] The first column's heading has been changed from "Type of Event" to "Audit Setting (NT/Win2000)." The values in this column now read: Logon and Logoff/ Audit logon events File and Object Access/ Audit object access Use of User Rights/ Audit privilege use User and Group Management/ Audit account management Security Policy Changes/ Audit policy changes Restart, Shutdown and System/ Audit system events Process Tracking/ Audit process tracking [151] Added the following entry at the end of Table 6-1: Audit Setting Success Failure Recommended Setting -------------------------------------------------------------------------- Audit account Successful net- Failed network None on a bastion logon events work logon logon attempts host. This new (Windows 2000 attempts will be will be audited. Windows 2000 audit only) audited. setting is applicable only to domain controllers. When enabled, it audits authentication requests it receives over the network. {182} Changed the URL in the "OpenSSH" section to http://www.openssh.com/ portable.html. Delete the "OpenSSH and OpenSSL Cygwin patches" section. {183} Deleted the last two sentences in the Tip ("Perl is also..."). {183} Example C-2 now reads: $ tar zxvf openssl-0.9.6.tar.gz $ cd openssl-0.9.6 $ ./Configure no-threads CygWin32 $ make $ make test #optional {184} At the end of the second code line in Example C-3, changed "0.9.5" to "0.9.6".