No announcement yet.

Identifying in OWA logs attempts to tamper with the webmail server

  • Filter
  • Time
  • Show
Clear All
new posts

  • Identifying in OWA logs attempts to tamper with the webmail server

    Good morning/afternoon/night all. First post here. Hope someone can help me. I'm currently undergoing a cyber-security internship. One of my tasks is to identify, through Error codes (ie 401 403 500...) in OWA logs, all attempts to tamper with the webmail server. Now there is a lot of explanations online for the definition of error codes and all.I have come to the conclusion that 4xx and 5xx codes are the most interesting ones. But i have failed to determine which ones are interesting and may indicate a hack, if repetitive in the logs.Any help would be much appreciated.
    Thanks in advance!

  • #2
    Im very sorry i postedit in the wrong place!!


    • #3
      Moved to Exchange 2013 forum - please tell us if you have a different version and I will move again
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd

      ** Remember to give credit where credit is due and leave reputation points where appropriate **


      • #4
        The thing is, right now, its just theoretical study. No practice or anything so the version isn't really important i guess