In recent years, Windows NT and Windows 2000 systems have emerged as viable platforms for Internet servers. More and more organizations are now entrusting the full spectrum of business activities--including e-commerce--to Windows. Unfortunately, the typical Windows NT/2000 installation makes a Windows server an easy target for attacks, and configuring Windows for secure Internet use is a complex task. Securing Windows NT/2000 Servers for the Internet suggests a two-part strategy to accomplish the task: "Hardening" any Windows server that could potentially be exposed to attacks from the Internet, so the exposed system (known as a "bastion host") is as secure as it can be. Providing extra security protection for exposed systems by installing an additional network (known as a "perimeter network") that separates the Internet from an organization's internal networks. Introduction--Windows NT/2000 security threats, architecture of the Windows NT/2000 operating system and typical perimeter networks. How to build a Windows NT bastion host. Configuring Windows and network services, encrypting the password database, editing the registry, setting system policy characteristics, performing TCP/IP configuration, configuring administrative tools, and setting necessary permissions. Differences between Windows NT and Windows 2000 security including IPSec (IP Security Protocol) configuration. Secure remote administration--SSH, OpenSSH, TCP Wrappers, the Virtual Network Console, and the new Windows 2000 Terminal Services. Windows NT/2000 backup, recovery, auditing, and monitoring--event logs, the audit policy, time synchronization with NTP (Network Time Protocol), remote logging, integrity checking, and intrusion detection. Securing Windows NT/2000 Servers for the Internet is a concise guide that pares down installation and configuration instructions into a series of checklists aimed at Windows administrators. Topics include: Administrators who carefully follow the detailed instructions provided in this book will dramatically increase the security of their Windows NT/2000 Internet servers.