<Donning Dr. Tom mask> If it ain't ISA it sucks, but ISA is perfection on a shiny plastic platter!
<Removing Dr. Tom mask> In all seriousness, ISA is your best solution for this situation. TVK -----Original Message----- From: Stephan Barr [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:35 PM To: MS-Exchange Admin Issues Subject: Exchange 2000 OWA is open. I just picked up a client that has a Windows 2000 environment with Exchange 2000,everything fully patched and running well. 150 users, everything is behind Netgear FVS328s WAN wide, there are VPNs to five remote sites and the domain is WAN wide. Employees occasionally connect via HTTP to Exchange OWA using Windows Integrated Authentication; no SSL. There is evidence in the Exchange security log that unwanted folks are trying to gain access via OWA and they want it to stop. I've been reviewing the IIS log for foreign IPs and adding those to the deny list but that doesn't seem to do the trick. The customer does have a license for a second Exchange server. The IIS lockdown tool has not been executed on the Exchange server. What would you recommend to reduce/eliminate OWAs exposure? Cheers. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
