Thor's Microsoft Security Bible

<p>""Most recognize Thor as the Norse god of thunder with massive powers of destruction. Few realize that he was also the god of restoration. Likewise, his namesake, Timothy "Thor" Mullen, has spent his entire adult life both destroying and restoring Microsoft-based security systems." Thor's Microsoft Security Bible "conveys the wisdom and expertise of the industry legend that has defined the bleeding edge of Microsoft security for over twenty years. I highly recommend this book."" <p>-Johnny Long, Hacker at Large Author of the best-selling ""Google Hacking"" series

Timothy Mullen, Ph.D. has been educating and training users in the technology sector since 1983 when he began teaching BASIC and COBOL through a special educational program at the Medical University of South Carolina (while still a high school senior). He then launched his professional career in application development and network integration in 1984. Dr. Mullen has developed and implemented Microsoft networking and security solutions for institutions like the US Air Force, Microsoft, the US Federal Courts, regional power plants, and international banking/financial institutions. He has developed applications ranging from military aircraft statistics interfaces and biological aqua-culture management to nuclear power-plant effects monitoring for private, government, and military entities worldwide. Mullen has been a columnist for Security Focus' Microsoft section, and is a regular contributor of InFocus technical articles. Also known as "Thor," he is the founder of the "Hammer of God" security co-op group. Mullen's writings appear in multiple publications such as Hacker's Challenge, the Stealing the Network series, and in Windows XP Security. His security tools, techniques and processes have been featured in Hacking Exposed and New Scientist Magazine, as well as in national television newscasts and technology broadcasts. His pioneering research in "strikeback" technology has been cited in multiple law enforcement and legal forums, including the International Journal of Communications Law and Policy. Dr. Mullen holds MCSE certifications in all recent Microsoft operating systems, has completed all Microsoft Certified Trainer curriculums and is a Microsoft Certified Partner. He is a member of American Mensa, and has recently been awarded the Microsoft "Most Valuable Professional" (MVP) award in Windows Enterprise Security for the fourth straight year. Dr. Mullen is CEO of H4RDW4RE, a security and consulting firm specializing in hardware-based security systems located in Silicon Valley, CA.

Chapter 1. Securely Writing Web Proxy Log Data to Structured Query Language (SQL) Server and Programmatically Monitoring Web Traffic Data in Order to Automatically Inject Allow/Deny Rules into Threat Management Gateway (TMG) Chapter 2. Internet Information Server (IIS) Authentication and Authorization Models, and Locking Down File Access with Encrypting File System (EFS) and Web Distributed Authoring and Versioning (Web DAV) Chapter 3. Analyzing and Blocking Malicious Traffic Based on Geolocation Chapter 4. Creating an Externally Accessible Authenticated Proxy in a Secure Manner Chapter 5. The Creation and Maintenance of Low Privileged Service Users (with a focus on SQL) Chapter 6. Remote Security Log Collection in a Least Privilege Environment Chapter 7. Securing RDP Appendix A: List Of Acronyms Appendix B: Full list of Server 2008 logs via WEVTUTIL tool