Security Basics mailing list archives
Re: Securing Corporate Web Based Email
From: sil <jesus () resurrected us>
Date: Thu, 29 Jan 2004 18:23:46 -0500 (EST)
On Thu, 29 Jan 2004, Meritt James wrote:
A number of places are with their people not realizing they are. Consider web interfaces to a corporate mail system... Jim Jeff McLaughlin wrote:
IMO, Configuring something similar to say OpenWebmail via SSL is definitely worth looking into. I have a couple of sites which users are using web based mail via SSL and other sites where users need to access things like say http://www.somesite.foo/config*, http://*/admin.* and I've set up SQUID using the auth options with static addresses for those who need to make changes, everyone else gets redirected via mod_security, and .htaccess files. Same follows for those who I allow to access web mail. (.htaccess, ipf rules, and SQUID based auth) Firewalls can be configured to allow certain blocks for those who don't have static addresses, and for those who don't, using their address ranges, one can narrow things down to times someone checks their mail and allow that range in within that specified time. I'm wondering how many admins/sec engineers monitor log events just for the sake of understanding what is going on within their networks. For instance, on my PERSONAL sites, I always have had the habits of tail -f'ing various logs to see in real time what is happening in order to make my sites/networks more effective for the end user and for myself. One can understand the actions of users based on repetitiveness at times, and configure things from there, as well as get an understanding if someone is trying to `beat the system' if you will, and address things from there on. When it comes to corporate mail systems however, too many fortune 500's will shoot down the notions of using programs such as Open Web mail due to FUD. (Not understanding the workings of the program, the whole open source concept is foreign, unexperienced admins don't have a clue as to how to set them up, etc.) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Quis custodiet ipsos custodes? - Juvenal J. Oquendo GPG Key ID 0x51F9D78D Fingerprint 2A48 BA18 1851 4C99 CA22 0619 DB63 F2F7 51F9 D78D http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D sil @ politrix . org http://www.politrix.org sil @ infiltrated . net http://www.infiltrated.net --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Securing Corporate Web Based Email Jeff McLaughlin (Jan 29)
- Re: Securing Corporate Web Based Email Meritt James (Jan 29)
- Re: Securing Corporate Web Based Email sil (Jan 30)
- checking logs (was: Re: Securing Corporate Web Based Email Meritt James (Jan 30)
- Re: Securing Corporate Web Based Email Steve (Jan 30)
- Re: Securing Corporate Web Based Email sil (Jan 30)
- <Possible follow-ups>
- RE: Securing Corporate Web Based Email Shawn Jackson (Jan 29)
- Re: Securing Corporate Web Based Email Ivan Coric (Jan 30)
- RE: Securing Corporate Web Based Email Adams, Tom (Jan 30)
- RE: Securing Corporate Web Based Email Dowling, Gabrielle (Jan 30)
- Re: Securing Corporate Web Based Email Meritt James (Jan 29)