Re: Exchange/MAPI/RPC

• Previous message: benjurry@xfocus.org: "Worm.Dvldr analysis report"
• Maybe in reply to: Joseph Burton: "Exchange/MAPI/RPC"
• Next in thread: Brian W. Spolarich: "RE: Exchange/MAPI/RPC"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Joseph Burton" <joseph_burton1970@hotmail.com>
From: jmcguire@sbcs.com
Date: Mon, 10 Mar 2003 15:04:59 -0500

To implement this, you need to open netbios port 135 to the Internet as
well as a pipe into your Exchange directory and information stores. With
Exchange 2000 this is actually 3 ports that must be locked down in the
registry of the Exchange server. Netbios is very vulnerable when exposed to
the big bad world. The other services are pretty much untested and
therefore suspect. I've personally been able to hold customers off on this.
The one that wants it is a juicy terrorist target though so they kind of go
along with my security recommendations and suffer through a VPN
authentication first.

An MS contact on another list says ISA server feature pack 1 is supposed to
allow this securely, but who uses ISA, and besides, this new version has
also not been tested yet. Found a link on microsoft.com
http://www.microsoft.com/isaserver/featurepack1/email.asp

Good Luck!

__________________________________________
JOHN MCGUIRE CISSP, MCSE2k, MCSE+I
Network Security Specialist
888.529.0401
jmcguire@sbcs.com
Strictly Business
www.sbcs.com

                                                                                                                                          
                      "Joseph Burton"
                      <joseph_burton1970@h To: focus-ms@securityfocus.com
                      otmail.com> cc:
                                                  Subject: Exchange/MAPI/RPC
                      03/08/2003 11:07 AM
                                                                                                                                          
                                                                                                                                          

Hello all,

I have a client that will soon start using Microsoft Exchange, and I have a

question regarding the Outlook client. The Exchange client in Outlook uses
the MAPI protocol which uses RPC to communicate with the Exchange server. I

know it's not recommended to connect from the Internet using MAPI, without
using any form av encryption like IPSec.

My question is simply, why? Why is it dangerous to use MAPI/RPC over
Internet? Is the password sent in clear text or something? I need some good

arguments to convince my client to use VPN for the roaming users.

Thanks in advance,

//Joe

_________________________________________________________________
Skaffa fler messengerkontakter - Vinn 10.000 i resecheckar!
http://messenger.msn.se/promo

• Previous message: benjurry@xfocus.org: "Worm.Dvldr analysis report"
• Maybe in reply to: Joseph Burton: "Exchange/MAPI/RPC"
• Next in thread: Brian W. Spolarich: "RE: Exchange/MAPI/RPC"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]