Re: ms exchange security
From: Michael J. Pelletier (mjpelletier_at_mjpelletier.com)
Date: 06/29/05
- Next message: Bolkin: "Re: I need a virus"
- Previous message: Harlan Messinger: "Re: E-mail addresses changing hands"
- In reply to: BFM: "ms exchange security"
- Next in thread: BFM: "Re: ms exchange security"
- Reply: BFM: "Re: ms exchange security"
- Reply: Lassi Hippeläinen: "Re: ms exchange security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Jun 2005 10:09:38 -0700
BFM wrote:
> How hard is it to crack a mail exchange server account if I already know a
> username on the server?
>
> The reason I'm asking is a company I know of posts both their exchange
> server IP as well as the format of the username accounts. All a person
> would need to know is a bit about the person or the format of a password -
> and (in my estimation) they could crack an account and have access to
> email. No??
Sure but most good security people put restrictions on passwords. I.E. no
dictionary words, all passwords must have at least 2 uppercase and 2
numerical elements. Also password aging should be around 30 to 60 days. Now
you can still try brute force guessing but, a good security guy will keep
an eye out on the system logs...
I need to stress good security guy/girl as there are many in the industry
who are not and do not follow the guidelines...
-- Michael
- Next message: Bolkin: "Re: I need a virus"
- Previous message: Harlan Messinger: "Re: E-mail addresses changing hands"
- In reply to: BFM: "ms exchange security"
- Next in thread: BFM: "Re: ms exchange security"
- Reply: BFM: "Re: ms exchange security"
- Reply: Lassi Hippeläinen: "Re: ms exchange security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
