Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Windows Server 2003 Service Pack 1

from [Bones] Network Security [Permanent Link]
Subject: Re: Windows Server 2003 Service Pack 1
Date: Mon, 18 Apr 2005 10:47:38 -0700 
We upgraded this weekend and only found one (security related) anomaly so far.

If you are familiar with Exchange Server 2003, we had several "virtual
SMTP servers" setup on various ports for the various domains we
manage. Inbound e-mail is configured to be accepted in TCP25, but we
have other SSL wrapped SMTP connections on higher ports that our
external employees use to drop off mail back to the organization
securely. Example:

mail.domain1.com    running on TCP 25 (general inbound mail connection)
mail.domain1.com    running on TCP 2525 (SSL/TLS mail for domain1 clients)
mail.domain2.com    running on TCP 2526 (SSL/TLS mail for domain2 clients)
mail.domain3.com    running on TCP 2527 (SSL/TLS mail for domain3 clients)
etc.

Anyway, the high-port virtual SMTP servers no longer work. We have to
have all users change their mail client config to route them through
the general Internet inbound connection on TCP25 (which cannot be
wrapped in SSL for obvious reasons).

So far M$ has no explanation. ;-/ It's a minor exposure, but not one
we would like to have.

Bones

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Fw: Re: using certificates in Outlook for encryption, Justin Roysdon
Next by Date:  Re: using certificates in Outlook for encryption, mitm
Previous by Thread:  RE: Windows Server 2003 Service Pack 1, Andrew Blevins
Next by Thread:  RE: Windows Server 2003 Service Pack 1, Ronald Balk
Indexes:  [Date] [Thread] [Top] [All Lists]