Penetration Testing mailing list archives
Re: [PEN-TEST] Testing MS Exchange
From: Robert Schwartz <Robert () mrsquirrel com>
Date: Wed, 11 Oct 2000 09:31:20 -0700
This is a very misunderstood subject and I see many misconfigured servers a lot. This is due to poor documentation IMHO. However, there is an excellent doc available on the TechNet CD (not sure about the Internet site). There is no qbase number. You need to query for: "Is Your Exchange Server Relay Secure". As it turns out, you need to implement some counterintuitive configuration options. I found it very useful. Hope this helps. -----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of Stephen Quigg Sent: Wednesday, October 11, 2000 7:40 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Testing MS Exchange I am currently looking at some work involving Microsoft Exchange and Open Relays, most notably stopping many installed versions of Exchange acting as one! Does anyone have any knowledge in this area to share, and things I should be looking out for. This will include configurable options within exchange other than the generic ones to stop it being used as an Open Relay. I'm perfectly happy doing a network/IDS/Firewall/Server level vulnerability scan & risk analysis, but am anxious to gain the list's experience in this area. regards, Stephen Stephen Quigg PA Consulting Group +44 (0)141 241 6445 +44 (0)788 754 0020 DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or rely on this e-mail.
Current thread:
- [PEN-TEST] Testing MS Exchange Stephen Quigg (Oct 11)
- Re: [PEN-TEST] Testing MS Exchange Robert Schwartz (Oct 11)
- <Possible follow-ups>
- Re: [PEN-TEST] Testing MS Exchange Gallicchio, Florindo (2282) (Oct 11)