Please can you explain the steps to create your own certificate? I would like to do this but which app. do I need to run to generate the cert.
Thanks Steve -----Original Message----- From: Niki Blowfield - Winnt [mailto:[EMAIL PROTECTED]] Sent: 28 January 2003 08:51 To: NT 2000 Discussions Subject: RE: Repeated attempts to log into IIS Hi Thanks for the response I will do some research into this as its not something I've used before Thanks Mr. Niki Blowfield IT Administrator Westminster Partitions & Joinery T - 020 8848 0126 F - 020 8848 8845 > -----Original Message----- > From: Meade, Devin [mailto:[EMAIL PROTECTED]] > Sent: 27 January 2003 18:38 > To: NT 2000 Discussions > Subject: RE: Repeated attempts to log into IIS > > > You can buy one if you want or you can issue one to yourself. > The general public is not using it. > > So far as someone else's certificate that they issued to > themselves - I wouldn't trust it :-). It is the same thing > as a stranger saying "Trust me". We simply tell our staff > "Trust this server even though we did not pay big bucks for a > certificate". > > Thanks, > > Devin L. Meade, CNE, MCP > Network Administrator > Frankfurt-Short-Bruza > www.fsb-ae.com > www.oklahomadome.com > > > > -----Original Message----- > From: Johnny Martinez [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 12:19 PM > To: NT 2000 Discussions > Subject: RE: Repeated attempts to log into IIS > > This doesn't require a purchased SSL Cert? > > J > > -----Original Message----- > From: Meade, Devin [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 10:09 AM > To: NT 2000 Discussions > Subject: RE: Repeated attempts to log into IIS > > > Niki, > > --- Can anyone advise if theres anything else I should be doing > or be particularly concerned about? --- > > I would encrypt your OWA login process - On our private LAN, > we have OWA installed on an NT4 box (with IIS). Our firewall > forwards port 443 (SSL) to it. On this box, we issued > ourselves a certificate and have the client answer yes to the > Security alert. All this to ensure that the clients > credentials are encrypted. We have no proxy server in this > loop. Can you > change OWA to port 443 and then block port 80 at the firewall? > > Devin L. Meade, CNE, MCP > Network Administrator > Frankfurt-Short-Bruza > www.fsb-ae.com > www.oklahomadome.com > > > -----Original Message----- > From: Niki Blowfield - Winnt [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 10:46 AM > To: NT 2000 Discussions > Subject: Repeated attempts to log into IIS > > Hi > > We have an IIS4 server on our private LAN, port 80 traffic is > forwared to it from the firewall as it is our OWA server, it > is also our MS Proxy Server > > Its been used as an anonymous proxy from unauthorised users > based externally despite me trying a number of things to stop > this as advised from some kind soul on one of the MS newsgroups > > Instead, I've moved proxy server to another server, although > the 1st server will remain as our OWA server > > Today, I've noticed hundreds of failed attempts to log into > this server, which if you try to connect to it, just displays > the generic IIS4 sample website. > > With the addition of the \exchange subdirectory, you > obviously get the OWA log in > > I assume this is a consequence of the machines use as an > anonymous proxy, but its a little disconcerting to be honest. > I'm happy the machine is patched, and I don't think anything > could be done if someone guessed a domain user login/password > > Can anyone advise if theres anything else I should be doing > or be particularly concerned about? > > Thanks a lot > > Nik > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
