Niki,

--- Can anyone advise if there's anything else I should be doing or be particularly concerned about? ---
I would encrypt your OWA login process - On our private LAN, we have OWA installed on an NT4 box (with IIS). Our firewall forwards port 443 (SSL) to it. On this box, we issued ourselves a certificate and have the client answer yes to the Security alert. All this to ensure that the client's credentials are encrypted. We have no proxy server in this loop.

Can you change OWA to port 443 and then block port 80 at the firewall?

Devin L. Meade, CNE, MCP
Network Administrator
Frankfurt-Short-Bruza
www.fsb-ae.com
www.oklahomadome.com

-----Original Message-----
From: Niki Blowfield - Winnt [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 27, 2003 10:46 AM
To: NT 2000 Discussions
Subject: Repeated attempts to log into IIS

Hi

We have an IIS4 server on our private LAN; port 80 traffic is forwarded to it from the firewall as it is our OWA server. It is also our MS Proxy Server.

It's been used as an anonymous proxy from unauthorised users based externally despite me trying a number of things to stop this as advised from some kind soul on one of the MS newsgroups.

Instead, I've moved proxy server to another server, although the 1st server will remain as our OWA server.

Today, I've noticed hundreds of failed attempts to log into this server, which if you try to connect to it, just displays the generic IIS4 sample website. With the addition of the \exchange subdirectory, you obviously get the OWA log in.

I assume this is a consequence of the machine's use as an anonymous proxy, but it's a little disconcerting to be honest. I'm happy the machine is patched, and I don't think anything could be done if someone guessed a domain user login/password.

Can anyone advise if there's anything else I should be doing or be particularly concerned about?

Thanks a lot

Nik

------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to %%email.unsub%%
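
An added example, not part of either message above: a Python script that tallies HTTP 401 responses per client IP from IIS W3C extended logs and counts how many arrived on port 80, where the logon is not protected by SSL. It assumes the `c-ip`, `cs-username`, `s-port` and `sc-status` fields are enabled in the server's logging; the sample log lines, addresses, usernames and threshold are constructed.

```python
from collections import Counter, defaultdict

# Constructed sample in W3C extended log format (not taken from the thread).
SAMPLE_LOG = """#Version: 1.0
#Fields: date time c-ip cs-username s-port cs-method cs-uri-stem sc-status
2003-01-27 09:14:02 203.0.113.7 - 80 GET /exchange/ 401
2003-01-27 09:14:03 203.0.113.7 admin 80 GET /exchange/ 401
2003-01-27 09:14:04 203.0.113.7 guest 80 GET /exchange/ 401
2003-01-27 09:14:05 203.0.113.7 test 80 GET /exchange/ 401
2003-01-27 09:20:11 198.51.100.20 - 443 GET /exchange/ 401
2003-01-27 09:20:12 198.51.100.20 jsmith 443 GET /exchange/ 200
2003-01-27 09:31:40 192.0.2.55 - 80 GET / 200
"""


def parse_w3c(lines):
    """Yield one dict per request, keyed by the names in the #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))


def failed_logons(lines, threshold=3):
    """Summarise client IPs with at least `threshold` 401 responses.

    A single 401 is the normal authentication challenge, so only repeated
    401s from one address are reported. `cleartext` counts those on port 80.
    """
    total, cleartext, users = Counter(), Counter(), defaultdict(set)
    for row in parse_w3c(lines):
        if row.get("sc-status") != "401":
            continue
        ip = row["c-ip"]
        total[ip] += 1
        if row.get("s-port") == "80":
            cleartext[ip] += 1
        if row.get("cs-username", "-") != "-":
            users[ip].add(row["cs-username"])
    return {ip: {"count": n, "cleartext": cleartext[ip], "users": sorted(users[ip])}
            for ip, n in total.items() if n >= threshold}


if __name__ == "__main__":
    for ip, info in failed_logons(SAMPLE_LOG.splitlines()).items():
        print(ip, info)
```
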
