Re: ms exchange security
From: BFM (brainfuel_at_gmail.com)
Date: 06/29/05
- Previous message: Bolkin: "Re: I need a virus"
- In reply to: Michael J. Pelletier: "Re: ms exchange security"
- Next in thread: Lassi Hippeläinen: "Re: ms exchange security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Jun 2005 18:32:03 GMT
I thought so. I just come from the camp of security where you do not post
direct access to your exchange server, or if you do, you protect the page
that links to the server directly. I know security is never 100%
attainable, but it is possible to make things as difficult as possible for
would be black hats - I think that's the key.
"Michael J. Pelletier" <mjpelletier@mjpelletier.com> wrote in message
news:lBAwe.7269$8o.6821@fed1read03...
> BFM wrote:
>
>> How hard is it to crack a mail exchange server account if I already know
>> a
>> username on the server?
>>
>> The reason I'm asking is a company I know of posts both their exchange
>> server IP as well as the format of the username accounts. All a person
>> would need to know is a bit about the person or the format of a
>> password -
>> and (in my estimation) they could crack an account and have access to
>> email. No??
>
> Sure but most good security people put restrictions on passwords. I.E. no
> dictionary words, all passwords must have at least 2 uppercase and 2
> numerical elements. Also password aging should be around 30 to 60 days.
> Now
> you can still try brute force guessing but, a good security guy will keep
> an eye out on the system logs...
>
> I need to stress good security guy/girl as there are many in the industry
> who are not and do not follow the guidelines...
>
> -- Michael
- Previous message: Bolkin: "Re: I need a virus"
- In reply to: Michael J. Pelletier: "Re: ms exchange security"
- Next in thread: Lassi Hippeläinen: "Re: ms exchange security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
