RE: Outlook Web Access

acrypto_at_comcast.net
Date: 06/03/04

  • Next message: Joshua M. Jones: "RE: ISP reconfiguring cable modem?"
    To: "'steve'" <securityfocus@delahunty.com>, <security-basics@securityfocus.com>
    Date: Wed, 2 Jun 2004 20:23:42 -0700
    
    

    How about implementing some type of two part authentication? Safeword,
    SecurID....

    -----Original Message-----
    From: steve [mailto:securityfocus@delahunty.com]
    Sent: Wednesday, June 02, 2004 6:36 AM
    To: security-basics@securityfocus.com
    Subject: Outlook Web Access

    We are still running Exchange 5.5 and until we start our Exchange 2003
    migration we want to improve the way we are running Outlook Web Access
    (OWA) in terms of security. We use SSL. We prohibit traffic to the box
    other than port 80 and 443. Other than the obvious recommendations of
    using the recommended OWA install and hardening the OS where OWA is
    running does the list have any other recommendations on protecting the
    OWA box? For instance, can OWA be configured to run on Linux/Apache
    instead of Windows 2000/IIS5?

    Thanks

    ------------------------------------------------------------------------

    ---
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
    off 
    any course! All of our class sizes are guaranteed to be 10 students or
    less 
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of
    in-the-field 
    pen testing experience in our state of the art hacking lab. Master the
    skills 
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at: 
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ------------------------------------------------------------------------
    ----
    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
    any course! All of our class sizes are guaranteed to be 10 students or less 
    to facilitate one-on-one interaction with one of our expert instructors. 
    Attend a course taught by an expert instructor with years of in-the-field 
    pen testing experience in our state of the art hacking lab. Master the skills 
    of an Ethical Hacker to better assess the security of your organization. 
    Visit us at: 
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------
    

  • Next message: Joshua M. Jones: "RE: ISP reconfiguring cable modem?"

    Relevant Pages

    • RE: Removing Local Admin Rights...
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: HIPAA_Compliance
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Cisco CSA
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Minimum password requirements
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • Betr.: RE: fax software in the domain
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)