Re: Security issue with MS Exchange and Windows 2003 Server
From: Leythos (void_at_nowhere.lan)
Date: 11/28/05
- Next message: vcast: "Re: locate.exe"
- Previous message: David H. Lipman: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Maybe in reply to: David H. Lipman: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Next in thread: ITTester: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Reply: ITTester: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Nov 2005 22:53:42 GMT
In article <820A8F04-BA76-40CD-B07F-718CAB32B830@microsoft.com>,
ITTester@discussions.microsoft.com says...
> 1. Can hackdef or its variants infect the new mail servers by moving the
> mailboxes?
> 2. Can data on the moved mailboxes infect the new server - we have one
> user's mailboxes which is infected by a virus / trojan
>
> Do we need to rebuilt from scratch if the above point are not safe.
> We can't perform a anti-virus scan on the exchange db before the move as db
> will be corrupted so it's not usefull.
> Please advise if there any other alternative for this matter.
Anything you move to the new server that COULD contain a virus (like
your mail stores, or PST files if you exported them) could still contain
the virus and still be executed by users at any time.
Why are you not running Exchange aware SMTP based AV software?
Why are you not removing attachments BEFORE they reach the Exchange
store - if your firewall doesn't do this in an SMTP Proxy service, your
Exchange SMTP session aware AV software should be able to do it.
You can run all the malware removal tools you want, but if the malware
is in the store you don't have much hope.
If I were in your place I would do the following:
Setup a new server, install Symantec Corporate Edition 10.0 and properly
update it, then set the proper file/folder/extension exclusions based on
MS and Symantec's recommendations, then I would install Symantec Mail
Security 4.6 and update it, then import the mail boxes, and then run a
manual scan on them from inside Symantec Mail Security.
Once that's done I would setup SMS 4.6 to remove attachments that could
contain malware and also use it for spam filtering.
-- spam999free@rrohio.com remove 999 in order to email me
- Next message: vcast: "Re: locate.exe"
- Previous message: David H. Lipman: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Maybe in reply to: David H. Lipman: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Next in thread: ITTester: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Reply: ITTester: "Re: Security issue with MS Exchange and Windows 2003 Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
