Identifying in OWA logs attempts to tamper with the webmail server

Home Forums Messaging Software Exchange 2007 / 2010 / 2013 Identifying in OWA logs attempts to tamper with the webmail server

This topic contains 3 replies, has 3 voices, and was last updated by  nameless 8 months, 3 weeks ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #167478

    Good morning/afternoon/night all. First post here. Hope someone can help me. I’m currently undergoing a cyber-security internship. One of my tasks is to identify, through Error codes (ie 401 403 500…) in OWA logs, all attempts to tamper with the webmail server. Now there is a lot of explanations online for the definition of error codes and all.I have come to the conclusion that 4xx and 5xx codes are the most interesting ones. But i have failed to determine which ones are interesting and may indicate a hack, if repetitive in the logs.Any help would be much appreciated.
    Thanks in advance!


    nameless
    Member
    #391989

    Im very sorry i postedit in the wrong place!!


    Ossian
    Moderator
    #191962

    Moved to Exchange 2013 forum – please tell us if you have a different version and I will move again


    nameless
    Member
    #391990

    Thanks!
    The thing is, right now, its just theoretical study. No practice or anything so the version isn’t really important i guess

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.