Announcement

Collapse
No announcement yet.

exchange sp level from OWA - been hacked?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • exchange sp level from OWA - been hacked?

    Hi,
    I have a developer who is a pain in the A** telling me my exchange server is sp1 and he knows this because he logged in using owa? this is exchange 2003, it is actually sp2 though.
    how can you tell the sp level and is that possible?

    How do I lock down owa in exchange 2003?

  • #2
    Re: exchange sp level from OWA - been hacked?

    I'm not sure I understand what that developer wants.

    As for locking down OWA, you can do it on a per-user basis, or by preventing HTTP traffic to the server. I do not recommend stopping the WWW services, as it will cause some problems.
    Cheers,

    Daniel Petri
    Microsoft Most Valuable Professional - Active Directory Directory Services
    MCSA/E, MCTS, MCITP, MCT

    Comment


    • #3
      Re: exchange sp level from OWA - been hacked?

      how can you lock down OWA per user?

      Do I need to secure the ex server with anything at all like iis lockdown?

      He used telnet to the server and found the version for esmpt and believes that tells him the server is only sp1?

      It is sp2 but what is that telnet to port 25 showing him?

      Comment


      • #4
        Re: exchange sp level from OWA - been hacked?

        Hi,

        a telnet to port 25 on a mail server is making a smtp connection to the server (or equivalent). It is the same thing that happens when mailservers communicate.

        You can for example:

        telnet servername/IP 25
        ehlo (or helo in some cases, this will return info on the server your connecting to).
        mail from: [email protected]ess
        rcpt to: [email protected]ess
        data
        "write a short message"
        .

        You must end with the dot on a separate line.

        This way you can:
        1. check if a server is up and running.
        2. check if the server is availble for relay.

        It is sp2 but what is that telnet to port 25 showing him?
        What he can see is something like this:

        220 mail.domain.xxx Microsoft ESMTP MAIL Service, Version: 6.0.3790.0 ready at Mon, 21 Nov 2005 08:52:30 +0100
        //M

        Comment


        • #5
          Re: exchange sp level from OWA - been hacked?

          Originally posted by spiderman
          how can you lock down OWA per user?
          Look at the tabs on the user's account properties.
          Cheers,

          Daniel Petri
          Microsoft Most Valuable Professional - Active Directory Directory Services
          MCSA/E, MCTS, MCITP, MCT

          Comment


          • #6
            Re: exchange sp level from OWA - been hacked?

            OK, thanks
            but what about the version info from telnet? How do you compare the version there with the ex version and sp level? Is there something somewhere that lists the versions on the web? I know it is sp2 but he found something and won't tell me where on the internet that it is sp1, so is is that version even up to date entirely with the sp info?

            Comment


            • #7
              Re: exchange sp level from OWA - been hacked?

              You should look at my site:

              http://www.petri.com/change_the_smtp_banner.htm
              Cheers,

              Daniel Petri
              Microsoft Most Valuable Professional - Active Directory Directory Services
              MCSA/E, MCTS, MCITP, MCT

              Comment

              Working...
              X