RE: RPC over HTTP security

From: Robert Hines (b.hines_at_comcast.net)
Date: 01/28/05

  • Next message: BoI base: "Re[2]: encryption algs" 
    To: <security-basics@securityfocus.com>
Date: Fri, 28 Jan 2005 08:19:01 -0500

    Ronish,

    As well, if you are running in a server 2003 environment, the machine can
    also act as a secure cert server, a CA option exist that force Domain
    members to get and use certs. Install certs for IIis HTTPs service, mail
    signing/encryption, or make a new one under admin tools/security
    policy/ipsecurity policy. The policy manager regarding active directory is
    used in this setup. Its seem quite secure, and to work with the Microsoft
    suite, if you plan to file encrypt NTFS data, as the admin make sure you use
    the CIPHER /R:filename command to generate a key to be installed for a
    recovery option prior to any file encryption.

    Bob

    -----Original Message-----
    From: LordInfidel@directionweb.com [mailto:LordInfidel@directionweb.com]
    Sent: Thursday, January 27, 2005 11:33 AM
    To: sf_mail_sbm@yahoo.com; security-basics@securityfocus.com
    Subject: RE: RPC over HTTP security

    http://office.microsoft.com/en-us/assistance/HA011402731033.aspx

    ~tips~
    Make sure you use it over https and not http. (use self signed CA certs)
    The client side needs to be outlook 2003, previous versions will not
    work.

    -----Original Message-----
    From: sf_mail_sbm@yahoo.com [mailto:sf_mail_sbm@yahoo.com]
    Sent: Wednesday, January 26, 2005 8:03 AM
    To: security-basics@securityfocus.com
    Subject: RPC over HTTP security

    Hi List,
    We are thinking about deploying RPC over HTTP to access email from the
    Internet

    Wanted to get some information on the technology and the security
    implications of same

    Not much info from Microsoft's site

    any help would be greatly apreciated

    Thanks,
    Ronish

  • Next message: BoI base: "Re[2]: encryption algs"

    Relevant Pages

    • Re: frontend/backend and rpc over http
      ... have you imported the cert root into the trusted certs on the client? ... We seem to have Frontend/Backend servers ... > In the document, Exchange server 2003 RPC over HTTP Deployment Scenarios, ... > generating my own certs, up till now, and with web servers, we just accept ...
      (microsoft.public.exchange.admin)
    • Re: Karl Please take a look SSL
      ... www.entrust.net and www.freessl.com are two places to get paid certs. ... not under your control, and you want to get rid of those error messages, ... > By getting a valid paid cert, you will not get the first prompt ... >> conversion of the HTTP to HTTPS? ...
      (microsoft.public.inetserver.iis.security)
    • Re: Fedora home server using core 9
      ... Internet Exploder by the ways ... does warn about forms sent via HTTP until everyone turns the warning off. ... http insteasd of https (barring mismatched or expired certs). ... Then we disagree about user expectation. ...
      (Fedora)