Windows Server is Microsoft’s contender against Unix in the server market. Windows .NET Server versions (e.g., Windows 2003 Server) were re-engineered from the Windows 2000 Server code base. As Bill Gates himself implied in his notorious “Trustworthy Computing” memo, the success of Windows Server depends on how users perceive its security.
We have written a separate book, Windows .NET Server Security Handbook (Prentice Hall, 2002), detailing the complete security architecture and defense of Windows Server. Instead of repeating that information here, we instead provide a new approach to learning the material. In this chapter, we actually show you how to break Windows 2000 Server and Windows 2003 Server security, using known or theoretical vulnerabilities in the operating system.
Although not specific to the operating system itself, we also use this chapter to discuss potential weaknesses in Windows Server security implementations. The goal is to help you think outside the box, like an attacker. (Where possible, we also show defenses or countermeasures to attacks.) The purpose of this is to help you integrate Windows Server into your security policy.
Originally scheduled for release in 2001, Windows 2003 Server was delayed several times, mostly for “security reasons” (according to Microsoft). Consider the following timeline of the Windows Server pre-release history:
Original codename: Whistler
Original expected release: late 2001