Hack Proofing Windows 2000 Server

All organizations today rely on networks for access to information. These can range from internal networks to the Internet. Access to information is needed, and this access must be configured to provide information to other organizations that may request it. When we need to make a purchase, for example, we can quickly check out vendors prices through their Web pages. In order not to allow the competition to get ahead of our organization, we must establish our own Web page for the advertising and ordering of our products.
Within any organization, many sites may exist across the country or around the globe. If corporate data is available immediately to employees, much time is saved. In the corporate world, any time saved is also money saved.
In the past, Windows NT provided user security through account names and passwords. At logon, every user had to submit credentials, which were compared against a server s database for authentication. The matching of the username and password identified the user but failed to identify the corporate server. This environment allowed many man-in-the-middle attacks. A hacker could configure a server to impersonate the corporate server, thus intercepting the data from the user as well as from the corporate server. With the man-in-the-middle in place, hackers could grab sensitive data when users sent information to the corporate server. The man-in-the-middle could have access to sensitive information when the server sent the information to the requesting user. The way to prevent any impersonation from occurring on the...