From the category archives:

Security

Auditing Distribution Group Membership Changes

November 17, 2010

Exchange 2010 includes Administrator Audit Logging functionality to log all administrator actions. Because all administrator actions, including those taken using the EMC and the new web-based ECP consoles must fire off a Shell command under the hood, admin audit logging records cmdlets that can make changes (the ones that use the New and Set verbs, [...]

Read the full article →

Exchange ActiveSync: What is the Allow/Block/Quarantine List?

November 16, 2010

If you’re an Exchange admin happy about how Exchange ActiveSync just hums along with mobile devices supporting the EAS protocol, and the multitude of devices that can now access Exchange without any admin intervention (OTA device activation and all that…), but also unhappy about the multitude of devices that can now access Exchange without any [...]

Read the full article →

Exchange team posts guidance for the ASP.NET vulnerability

September 23, 2010

Late last week Microsoft released Microsoft Security Advisory (2416728), “Vulnerability in ASP.NET Could Allow Information Disclosure. The vulnerability is being investigated by the Microsoft Security Research Center (MSRC). The Exchange team has just posted guidance for Exchange customers. Head over to Microsoft Security Advisory 2416728, the ASP.NET Vulnerability, and Exchange Server for details. Microsoft to [...]

Read the full article →

Using Transport Rules to protect your organization from the ‘Here You Have’ Worm

September 10, 2010

The Here You Have worm, also known as Visal.B, has been spreading through network shares and email (more details on Microsoft’s Malware Protection Center web site). When spreading through email, the worm sends itself to your contacts with the following strings in the Subject field and message body: Subject: Here you have Body: Hello: This [...]

Read the full article →

BlackBerry faces ban in UAE, Saudi Arabia, to cooperate in India

August 2, 2010

It appears to be an increasingly monitored world for mobile devices, as governments across the globe rev up their efforts to snoop into mobile messaging. UAE’s The National reports the country’s Telecommunications Regulatory Authority has said that BlackBerry Messenger, BlackBerry E-mail and BlackBerry Web-browsing services in the UAE will be suspended as of October 11. [...]

Read the full article →

Renewing Certificates: DigiCert impresses again with customer service

July 22, 2010

Have you had a service that uses SSL/TLS, such as Outlook Web App (OWA), Exchange ActiveSync (EAS), AutoDiscover, or perhaps just a web site, impacted due to an expired certificate? Validity of digital certificates must be monitored, just as we monitor domain name registrations and renewal dates. Overlooking the fact that certificates expire and need [...]

Read the full article →

Social Engineering Attack Disguised As Mailbox Quota Message

June 21, 2010

Social engineering is all about psychological attacks— convincing a user to willingly divulge information is much more convenient, in most cases, than actually brute-forcing your way in. Attackers with very little technical sophistication (and perhaps some great social skills) can easily prey upon even the more vigilant users. I would’ve held on to my belief [...]

Read the full article →

Exchange 2010: Remove a RBAC Role from a Role Group

June 1, 2010

Exchange 2010 ships with a great new security feature – Role Based Access Control (RBAC). Having worked on the RBAC architecture of another product in what seems like a previous life, I’m excited about the RBAC implementation in Exchange! I wanted to write a detailed article/post on RBAC, but given current time constraints, the longish, [...]

Read the full article →

Where are mailbox last logon, client IP address, and other details in Exchange 2007?

July 24, 2008

In Exchange Server 2003/2000, expanding a Mailbox Database (MDB) provides information about mailboxes in a database, last logon/logoff times and account(s) that logged on to mailboxes (see ‘Displaying Client IP Address in Exchange System Manager‘ for details). Figure 1: In Exchange 2003, the Logons node displays Store logon-related information. Click here to see a bigger [...]

Read the full article →

Removing internal host names and IP addresses from message headers

May 20, 2008

Another frequently asked question about SMTP mail – how can I remove internal host names and IP addresses from outbound Internet mail? More often than not, this results from the belief that somehow if the outside world finds out an organization’s internal IP addresses and host names, it makes the organization vulnerable. Auditors love to [...]

Read the full article →

← Previous Entries