Re: accessing emails using owa ... traceable?
- From: help!! <help@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 28 Oct 2006 05:07:01 -0700
Would they be able to trace the IP address of the client ... even if the
client is behind a firewall at home?
"Joe Kaplan" wrote:
What difference would the logging make? If another user has your password,.
they are you. Period.
The only way you could differentiate them would be by the IP address of the
client. This would generally be logged by IIS for OWA. However, if you
don't know the IP address of various clients, it would be difficult to take
advantage of this. It would also be very hard to prove anything by this.
I wonder, if they are such trusting types, why even ask about such things.
If you don't trust other people with your password, don't let them have it.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Bryan Phillips" <bphillips@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:%23onvBVh%23GHA.4888@xxxxxxxxxxxxxxxxxxxxxxx
The logging occurs regardless of the type of email client: Outlook, OWA,
or Outlook Mobile. Your Exchange administrator can increase the level of
auditing to log more details about the activity in your email account.
Bryan Phillips
MCSD, MCDBA, MCSE
Blog: http://bphillips76.spaces.live.com
"help!!" <help!!@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D544588D-B9B9-40CE-85D0-90993196BAB5@xxxxxxxxxxxxx:
Both at work (Entourage is too slow) and when I'm out of the office, I
access
my e-mail via our exchange server using a mac and IE, through microsoft
outlook web access. There is a password 'system' in place that uses
certain
letters of our names - we are given our passwords and few people change
them
- we are trusting types.
But it does mean that many of us know each other's passwords. My question
is
this... in such an 'open' environment, where so many people 'know' each
other's passwords, are we all able to just surf each other's mailboxes
without detection? I have read here of the 'event 1016' that shows up on
the
administration logs when someone other than the 'owner' of the account
accesses the account. But does this hold true for web access? Is it the
case
that my e-mail account, or anyone else's for that matter, is an 'open
book'
when accessed this way or is there a way to detect who is who, especially
when the user name and password are correct? Sometimes I read that 1016
shows
up only when an unsuccessful attempt is made to access, other times I
read
that it is there every time. Can I, via getting with the administrator,
prove
that someone, who has my password and is accessing via the web, was
reading
my e-mail?
Thanks in advance.
- Follow-Ups:
- Re: accessing emails using owa ... traceable?
- From: Joe Kaplan
- Re: accessing emails using owa ... traceable?
- References:
- Re: accessing emails using owa ... traceable?
- From: Bryan Phillips
- Re: accessing emails using owa ... traceable?
- From: Joe Kaplan
- Re: accessing emails using owa ... traceable?
- Prev by Date: RE: Security problems in .Net web application
- Next by Date: Re: Help!! InvalidOperationException in GetProcessesByName!!
- Previous by thread: Re: accessing emails using owa ... traceable?
- Next by thread: Re: accessing emails using owa ... traceable?
- Index(es):
Relevant Pages
|
|
