Re: Security issue with MS Exchange and Windows 2003 Server

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 11/28/05

    Date: Mon, 28 Nov 2005 17:32:26 -0500
    
    

    From: "ITTester" <ITTester@discussions.microsoft.com>

    | I have posted this message on the Exchange newsgroup but it seems that nobody is
    | able to help me, so I am posting it again in this newsgroup hoping someone can help
    | me.
    |
    | Can anyone help me with the points below?
    |
    | General overview of the problem:
    | We have a single Exchange Server running on a DC and AD server.
    | During the past month, our server was infected with hackdef, which opened a
    | backdoor on our firewall (cisco pix 506e) and to our networks.
    | However, we have patched the security hole by remote (ssh) on the firewall
    | and we are able to partially secure the network.
    | We have rebuilt the DC and AD server using the promote and depromote method - We
    | have successfully added the second DC to our network but have not yet promoted this
    | box to be the primary DC as we are not sure about moving the mailboxes.
    | We have successfully configured a second mail server ready for the moving of
    | mailboxes.
    | We have mounted the new mail server offline and updated all security patches
    | (Windows server SP1 and Exchange SP2).
    | We are temporarily using a different AntiVirus which is not controlled by the DC
    | for safety reasons.
    | We have successfully tested the moving of a single mailbox.
    | It seems that everything is ready for the final move.
    | However, we are concerned about the points below:
    |
    | 1. Can hackdef or its variants infect the new mail servers by moving the
    | mailboxes?
    | 2. Can data on the moved mailboxes infect the new server - we have one
    | user's mailboxes which is infected by a virus / trojan
    |
    | Do we need to rebuild from scratch if the above points are not safe?
    | We can't perform an anti-virus scan on the exchange db before the move as the db
    | will be corrupted, so it's not useful.
    | Please advise if there is any other alternative for this matter.
    |
    | Regards,
    |

    What anti-virus software are you using that is specifically designed to run on an MS Exchange
    Server?

    You said "Can hackdef or its variants..." Is that really the FULL name of this infector?
    Knowing what AV software detected the infector would help.

    -- 
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    
