RE: Exchange 2000 OWA is open.

Issues Subject: RE: Exchange 2000 OWA is open. Will ISA 2006 work in a Windows 2000 environment? -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:39 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. If it's not ISA, its

RE: Exchange 2000 OWA is open.

The VPNs are gateways but nothing stops them from putting the OWA address in a kiosk browser. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:45 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. What if I'm

RE: Exchange 2000 OWA is open.

. Enable http https redirection to the front end server. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 3:39 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. If it's not ISA, its crap! No SSL? OY. I wouldn't bother

RE: Exchange 2000 OWA is open.

Will ISA 2006 work in a Windows 2000 environment? -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:39 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. If it's not ISA, its crap! No SSL? OY. I wouldn't bother

RE: Exchange 2000 OWA is open.

What if I'm at an airport kiosk? If I have access to VPN, I'll probably want to use Outlook. -Original Message- From: Salvador Manzo [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 3:43 PM To: MS-Exchange Admin Issues Subject: Re: Exchange 2000 OWA is open. Stephan

RE: Exchange 2000 OWA is open.

Subject: RE: Exchange 2000 OWA is open. Sure, but you'll need a 2003 server to install it on. It's not typically part of the internal AD domain. Isn't it called Forefront Security now or something? -Original Message- From: Stephan Barr [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17

Re: Exchange 2000 OWA is open.

them from putting the OWA address in a kiosk browser. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:45 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. What if I'm at an airport kiosk? If I have access

RE: Exchange 2000 OWA is open.

ISA 2000, ISA 2004, ISA 2006. Newer is better? -Original Message- From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 3:04 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. Donning Dr. Tom mask If it ain't ISA it sucks, but ISA

Re: Exchange 2000 OWA is open.

Stephan, Require a VPN connection before allowing connection to OWA. OWA is just an application riding on top of a web server. So long as the web server is accessible, it _will_ get attacked. On 1/17/08 12:39, Andy David [EMAIL PROTECTED] wrote: If it's not ISA, its crap! No SSL? OY. I

RE: Exchange 2000 OWA is open.

Thanks for the replies you guys. Very much appreciated. Cheers. -Original Message- From: Salvador Manzo [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:43 PM To: MS-Exchange Admin Issues Subject: Re: Exchange 2000 OWA is open. Stephan, Require a VPN connection before

RE: Exchange 2000 OWA is open.

We do that via reverse proxy and hardware token. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 12:45 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. What if I'm at an airport kiosk? If I have access to VPN, I'll

RE: Exchange 2000 OWA is open.

IF its externally available. -Original Message- From: Stephan Barr [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 12:48 PM To: MS-Exchange Admin Issues Subject: RE: Exchange 2000 OWA is open. The VPNs are gateways but nothing stops them from putting the OWA address

RE: Exchange 2000 OWA is open.

There is evidence in the Exchange security log that unwanted folks are trying to gain access via OWA and they want it to stop. Put it on a non-standard port and distribute shortcuts via logon scripting. That'll stop most of the worms at least (is it still codered you're seeing). You could