I've been OOF doing a training for HP Germany on how to migrate from
OpenMail to Exchange 2000 ;-)
<Siegfried />
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 22, 2001 4:01 PM
To: MS-Exchange Admin Issues
Subject: RE: Exchange Banner editing - Interesting Article on the
sercurit y list - here's a summary for those who missed it
Well where have you been? We've been waiting for you to chime in! <g>
-----Original Message-----
From: Siegfried Weber [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 22, 2001 4:25 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange Banner editing - Interesting Article on the
sercurit y list - here's a summary for those who missed it
You don't need *any* C/C++ skills to change such a thing. The Microsoft
Visual C++ IDE offers a way to open an .EXE or .DLL file as resource to
change a string compiled into the file.
That's what the discussion is talking about and that's how you could
also change the mailbox warning messages which are stored in mdbres.dll
IIRC.
<Siegfried />
> -----Original Message-----
> From: Matthew Western [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 22, 2001 1:12 AM
> To: MS-Exchange Admin Issues
> Subject: RE: Exchange Banner editing - Interesting Article on the
sercurit
> y list - here's a summary for those who missed it
>
> Join the club. my C++ skills are non-existant... i don't think i'll
be
> mucking around with the production server....
>
> -----Original Message-----
> From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 22 August 2001 8:31 AM
> To: MS-Exchange Admin Issues
> Subject: RE: Exchange Banner editing - Interesting Article on the
> sercurit y list - here's a summary for those who missed it
>
>
> Nah.
>
> My event sink skills are limited to VBScript and some VB. I'm feeble
in
> C++
> beyond "Hello World".
>
> William
>
>
>
> -----Original Message-----
> From: Matthew Western [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 21, 2001 4:05 PM
> To: MS-Exchange Admin Issues
> Subject: RE: Exchange Banner editing - Interesting Article on the
> sercurit y list - here's a summary for those who missed it
>
>
> ah, i thought you'd reply :) i just thougt it was an interesting
read....
> someone might find it useful...
> you change yours OK? anyway,
> , cheers
>
> -----Original Message-----
> From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 22 August 2001 8:25 AM
> To: MS-Exchange Admin Issues
> Subject: RE: Exchange Banner editing - Interesting Article on the
> sercurit y list - here's a summary for those who missed it
>
>
> All true.
>
> I'd want to play with it just cause I can. We know more about the
script
> kiddies than they know about us. Oooo... Netcraft...
>
> It's the hackers I'd worry about, and they could care less what your
port
> 25
> telnet banner says.
>
> William Lefkovics, MCSE, A+
>
> -----Original Message-----
> From: Matthew Western [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 21, 2001 3:55 PM
> To: MS-Exchange Admin Issues
> Subject: Exchange Banner editing - Interesting Article on the
sercurity
> list - here's a summary for those who missed it
>
>
> Q:
>
> How do you change the Exchange banner that appears when you telnet to
the
> exchange box on port 25?? I have heard that you must hex edit a .dll
but
> do
> not know which .dll to edit?? Anyone know??
>
> A:
>
> http://support.microsoft.com/support/kb/articles/q281/2/24.asp in e2k
>
>
> 5.5
>
> I can speak only for version 5.5:
>
> For port 25, the strings that need to be edited (with something like
> WinHex) are found in /exchsrvr/connect/msexcimc/bin/msexcimc.exe.
> For port 110, the strings are in /exchsrvr/bin/store.exe.
>
> As pointed out, you will have to redo the strings after you apply a
> service pack. Also, be careful editing store.exe. I strongly
> recommend knowledge of C programming for changing the strings since
> the printf parameters are found in the strings (i.e. %s, %i). If you
> overwrite the first one, you most likely will align a wrong argument
> (try printing a long with %s :) in which case the process calls the
> doctor (Watson that is).
>
>
>
> interesting post --
>
>
> I wouldn't say that. Deception and misinformation has always been
> used in the intelligence community as part of their security posture
> enhancement.
>
> Yes, changing banners doesn't make you secure by fixing problems.
> Bugs don't go away. But banner grabbing is often done by automated
> tools, services (i.e. NetCraft), or individuals. Making it harder for
> them to identify your systems does increase security posture. (I
> have used this on MS IIS successfully. Netcraft had listed a site as
> running Koyote web server... hehe).
>
> Most of the rest is just noise.....
>
> Matthew
>
>
>
> List Charter and FAQ at:
> http://www.sunbelt-software.com/exchange_list_charter.htm
>
> List Charter and FAQ at:
> http://www.sunbelt-software.com/exchange_list_charter.htm
>
>
> List Charter and FAQ at:
> http://www.sunbelt-software.com/exchange_list_charter.htm
>
> List Charter and FAQ at:
> http://www.sunbelt-software.com/exchange_list_charter.htm
>
>
> List Charter and FAQ at:
> http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
