This may or may not apply to Chris needs, but Exchange client uses the RPC
locator to know which ports are used by Exchange Server, which are in the range >
1023. Exchange allocate these ports dinamically during the startup, so they can vary.
There's a KB article describing how to define a couple of fixed ports for Exchange to
use, so you can open only those ports on firewall. It requires some editing on the
Registry, however it's better than opening all ports > 1023.
Look at: http://support.microsoft.com/support/kb/articles/Q155/8/31.asp
----- Mensagem original -----
De: Firewalls-Digest [SMTP:[EMAIL PROTECTED]]
Enviada em: Segunda-feira, 10 de Janeiro de 2000 22:14
Para: [EMAIL PROTECTED]
Assunto: Firewalls-Digest V8 #763
Date: Mon, 10 Jan 2000 19:41:26 +0100
From: "Enno Rey" <[EMAIL PROTECTED]>
Subject: Re: Wingate and MS Exchange
On Sun, 9 Jan 2000, Chris Hurley wrote:
> I trying to find out if there is a way to open all ports on a Wingate
proxy
> server. I am trying to limit the number of changes that I have to make
when
> I add a new service as well as restrict incoming traffic.
Due to your subject line I assume you want to allow some kind of MS Exchange
traffic through Wingate Firewall.
You should at least restrict ports used by Exchange as described in
http://www.microsoft.com/exchange/55/gen/Security.htm.
And, btw: does Wingate behaviour described in
www.cert.org/vul_notes/VN-98.03.WinGate.html still exist (did'nt touch it
for a long time...)?
HTH,
Enno Rey
[EMAIL PROTECTED]
PGP: FB9B DA6D 6706 5A8D A361 F63C 6650 E4C8 3BBE 04E9
- -
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
application/ms-tnef
