RE: MS Exchange Server 5.5 Security Issue
It is possible to check this on the Event Viewer for the Exchange server under the security section as every access of a mailbox by other than the owner is logged. You need to have the appropriate level of logging configured (can't remember where this is configured). However if you want alerting etc, I recommend looking at ELM? (Event Log Manager) from our hosts at Sunbelt software:) It apparently does all this stuff. On another note, This is where the careful vetting of people in these positions of trust is essential. I'm not sure who said it but I remember hearing it quoted here frequently that there are seldom good technical solutions to social problems . It should be part of your terms of employment for IT staff that they read and agree to your acceptable behaviour policy (you do have one?) which would include the obvious stuff about privacy, p0rn and web usage, etc. If they are caught breaching this policy, it then becomes a HR problem. -Original Message- From: cslee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 5 February 2002 15:54 To: MS-Exchange Admin Issues Subject: MS Exchange Server 5.5 Security Issue Hi, Our company is using MS Exchange Server 5.5. I'm looking for an NT utilities that could help me to track any illegal users that logging into others people mailbox. This is a very important issue for security. Just imagine, if an IT staff that had the administration permission (service account) on MS Exchange Server 5.5, he/she could view whoever mailbox, including the managing director mailbox. So, could somebody provide me a solution of providing the tracking report for illegal users, that open others people mailbox? If he/she is NOT the owner of the mailbox, the tracking report will be provide and alert message will be sending out. Thanks. Regards, Lee Choon Sim IT Department List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: MS Exchange Server 5.5 Security Issue
The event logs tell you that. But you'll have to wade thru it, because you'll have to know who really does have permission to view calendars and such. And it sounds like the problem is more related to poor security or employee mistrust. -Original Message- From: cslee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 12:54 AM To: MS-Exchange Admin Issues Subject: MS Exchange Server 5.5 Security Issue Hi, Our company is using MS Exchange Server 5.5. I'm looking for an NT utilities that could help me to track any illegal users that logging into others people mailbox. This is a very important issue for security. Just imagine, if an IT staff that had the administration permission (service account) on MS Exchange Server 5.5, he/she could view whoever mailbox, including the managing director mailbox. So, could somebody provide me a solution of providing the tracking report for illegal users, that open others people mailbox? If he/she is NOT the owner of the mailbox, the tracking report will be provide and alert message will be sending out. Thanks. Regards, Lee Choon Sim IT Department List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: MS Exchange Server 5.5 Security Issue
Three things: Check your event logs, limit admin access, fire anyone in IT you don't trust. IM not kidding. IT is one of the most powerful positions in a company, and if you don't trust your people, you have a serious problem. -Original Message- From: cslee [mailto:[EMAIL PROTECTED]] Sent: Monday, February 04, 2002 11:54 PM To: MS-Exchange Admin Issues Subject: MS Exchange Server 5.5 Security Issue Hi, Our company is using MS Exchange Server 5.5. I'm looking for an NT utilities that could help me to track any illegal users that logging into others people mailbox. This is a very important issue for security. Just imagine, if an IT staff that had the administration permission (service account) on MS Exchange Server 5.5, he/she could view whoever mailbox, including the managing director mailbox. So, could somebody provide me a solution of providing the tracking report for illegal users, that open others people mailbox? If he/she is NOT the owner of the mailbox, the tracking report will be provide and alert message will be sending out. Thanks. Regards, Lee Choon Sim IT Department List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: MS Exchange Server 5.5 Security Issue
Check event logs for event ID 1016 which tells you if someone other than the owner of the mailbox has accessed the mailbox. You should also divide up your Exchange admins. One group has top level access to the entire organization (service account admin). One group has access to only servers in a site. And the final group is delegated only the right to create mailboxes and DLs. Laurent -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 5:46 AM To: MS-Exchange Admin Issues Subject: RE: MS Exchange Server 5.5 Security Issue Three things: Check your event logs, limit admin access, fire anyone in IT you don't trust. IM not kidding. IT is one of the most powerful positions in a company, and if you don't trust your people, you have a serious problem. -Original Message- From: cslee [mailto:[EMAIL PROTECTED]] Sent: Monday, February 04, 2002 11:54 PM To: MS-Exchange Admin Issues Subject: MS Exchange Server 5.5 Security Issue Hi, Our company is using MS Exchange Server 5.5. I'm looking for an NT utilities that could help me to track any illegal users that logging into others people mailbox. This is a very important issue for security. Just imagine, if an IT staff that had the administration permission (service account) on MS Exchange Server 5.5, he/she could view whoever mailbox, including the managing director mailbox. So, could somebody provide me a solution of providing the tracking report for illegal users, that open others people mailbox? If he/she is NOT the owner of the mailbox, the tracking report will be provide and alert message will be sending out. Thanks. Regards, Lee Choon Sim IT Department List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
MS Exchange Server 5.5 Security Issue
Hi, Our company is using MS Exchange Server 5.5. I'm looking for an NT utilities that could help me to track any illegal users that logging into others people mailbox. This is a very important issue for security. Just imagine, if an IT staff that had the administration permission (service account) on MS Exchange Server 5.5, he/she could view whoever mailbox, including the managing director mailbox. So, could somebody provide me a solution of providing the tracking report for illegal users, that open others people mailbox? If he/she is NOT the owner of the mailbox, the tracking report will be provide and alert message will be sending out. Thanks. Regards, Lee Choon Sim IT Department List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm