Re: Exchange 2000 - Port 80
From: Andrew Mitchell (amitchel_at_removecasey.vic.gov.au)
Date: 03/17/04
- Next message: Tom St Denis: "Re: command line encryption for win2k"
- Previous message: Anne Robynn: "Being hacked..."
- In reply to: Sam Ramsey: "Exchange 2000 - Port 80"
- Next in thread: Andrew Mitchell: "Re: Exchange 2000 - Port 80"
- Reply: Andrew Mitchell: "Re: Exchange 2000 - Port 80"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 16 Mar 2004 19:19:12 -0800
"Sam Ramsey" <anonymous@discussions.microsoft.com> said
> I have an Exchange 2000 with all the latest patches and
> IIS lockdown loaded. I have a Cisco firewall and allowing
> only port 25 and 80 on the outside IP address.
>
> External hackers are connecting to port 80 and accessing
> porn sites thru my exchange server. It seems like they are
> using my exchange server as proxy server. I am using
> Active Ports to monitor the ports on the exchange server
> and notice them connecting to port 80. I also have web
> monitoring software and notice the traffic to the porn
> sites on the exchange server. Is this a known problem with
> Exchange 2000? I dont think it is a problem with the
> firewall because I need to allow port 80 for OWA.
It *is* a problem with your firewall config.
OWA needs a rule on the firewall to allow *incoming* connections on port
80. As I stated in my earlier reply, there is absolutely no need to allow
outgoing connections from your exchange server where the destination is
port 80.
Block it at your firewall.
Andy.
- Next message: Tom St Denis: "Re: command line encryption for win2k"
- Previous message: Anne Robynn: "Being hacked..."
- In reply to: Sam Ramsey: "Exchange 2000 - Port 80"
- Next in thread: Andrew Mitchell: "Re: Exchange 2000 - Port 80"
- Reply: Andrew Mitchell: "Re: Exchange 2000 - Port 80"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
