there is a KB about that i think, have a search....
> > Hi, > Does anyone know about the original question which was why > exchange on Win2K > changes its ports and how it can be stopped? > many thanks > Vanessa > > -----Original Message----- > From: Couch, Nate [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 13:27 > To: Exchange Discussions > Subject: RE: firewall problem > > > What about monitoring of those servers in the DMZ? Do you > use PerfMon to > check queues or critical processes? If so, what ports are > needed there if > your monitoring workstation is on the other side of the DMZ? > Or do you > simply use some kind of paging system when it reaches a threshold? > > Nate Couch > EDS Messaging > > > ---------- > > From: Atkinson, Daniel > > Reply To: [EMAIL PROTECTED] > > Sent: Wednesday, December 12, 2001 06:42 > > To: [EMAIL PROTECTED] > > Subject: RE: firewall problem > > > > > > thanks for the information.... > > > > > -----Original Message----- > > > From: Olds, Dominic [mailto:[EMAIL PROTECTED]] > > > Sent: 12 December 2001 11:55 > > > To: Exchange Discussions > > > Subject: RE: firewall problem > > > > > > > > > Any open port is a potential security risk. This risk > > > increases with the > > > amount you "open up" on your firewall. Personally, I would > > > only ever allow > > > SMTP traffic to an (relay protected) exchange box inside > a firewall. > > > Anything else and I would relay from a box sitting in the DMZ > > > (for smtp, OWA > > > etc etc) thus meaning I only have to allow the RPC and stuff > > > for exchange > > > between 2 specifically defined boxes from the DMZ to the > > > internal network. > > > It will make your life easier if you open these ports right?? > > > So it follows > > > that a hacker's life becomes easier too. If you choose the > > > lazy route you > > > are likely to pay for it in other ways. > > > > > > Regards > > > > > > Dom. > > > > > > -----Original Message----- > > > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > > > Sent: 12 December 2001 11:46 > > > To: Exchange Discussions > > > Subject: RE: firewall problem > > > > > > > > > i'd like to open our exchange server through the > firewall, but my boss > > > thinks this is a 'massive security risk'. i think if i > open it just to > > > specified hosts, then that would be ok. what does anyone > else think? > > > > > > dan. > > > > > > > -----Original Message----- > > > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > > > Sent: 12 December 2001 11:16 > > > > To: Exchange Discussions > > > > Subject: firewall problem > > > > > > > > > > > > Dear all, > > > > > > > > I have several exchange servers which work fine through a > > > > firewall except > > > > one, using the TechNet recommended ports for DS and IS of > > > > 1300 and 1301 > > > > respectively. The one that doesn't work is one which is > > > > running Win2K. The > > > > others run NT4. I have set the ports to 1300 and 1301 in the > > > > registry as > > > > usual, but the server is ignoring this fact. It is just > > > > using random ports > > > > and so I am having to change the firewall ports instead!!! > > > > The ports it > > > > uses change after every reboot, so obviously, this is > troublesome. > > > > Anyone have a fix for this? > > > > We are using Exchange 5.5 sp4 > > > > > > > > thanks > > > > Vanessa Watkins > > > > Network Manager > > > > Royal Holloway > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]