Re: OWA on SBS2003 premium
From: Tony (noreply_at_noemail.net)
Date: 02/22/05
- Next message: Dirk-Thomas Brown: "Re: Hiding the remote desktop connection bar"
- Previous message: SuperGumby [SBS MVP]: "Re: File space involved with Shadow Copy"
- In reply to: Matt Gibson: "Re: OWA on SBS2003 premium"
- Next in thread: Matt Gibson: "Re: OWA on SBS2003 premium"
- Reply: Matt Gibson: "Re: OWA on SBS2003 premium"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 22 Feb 2005 16:34:11 -0600
Thank you for the reply Matt, two other questions:
1. Would it make sense to change the port #s used to a more obscure port
#?
2. On our domain we have an old computer controlled manufacturing
machine that is network attached and is unable to be upgraded to anything
beyond DOS 6 so SMB signing had to be disabled on the domain controller to
allow the DOS client; does having SMB signing disabled adversely effect any
security considerations when using OWA?
Thanks,
Tony
"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:OWGbjvSGFHA.2032@tk2msftngp13.phx.gbl...
> There's not really too much of a security risk.
>
> You have to authenticate against the server with a valid password/username
> before you can get access to anything. Since (of course) you're using
> complex passwords and usernames that don't match e-mail addresses, there's
> very little chance of anyone gaining access.
>
> While yes, normally you wouldn't have IIS running on a DC, you also
> wouldn't have ISA. As Susan would be quick to point out, we have more
> worries with our users running in Admin mode than running OWA on a DC.
>
> Matt Gibson - GSEC
>
>
> "Tony" <noreply@noemail.net> wrote in message
> news:ORMpbQSGFHA.1924@TK2MSFTNGP14.phx.gbl...
>>I was wondering about the security implications of enabling Outlook Web
>> Access on a SBS 2003 server. I had read that is not a safe practice to
>> enable web servers on a domain controller. Is there a way to host the
>> web
>> server portion of Outlook web access on another machine and have it talk
>> to
>> the exchange server? If that is not possible how would somebody go about
>> changing the http and https ports to nonstandard ports to prevent the
>> bots
>> from scanning the server. Are there any other security considerations
>> that
>> should be planned for?
>>
>> Thank you,
>>
>> Tony
>>
>>
>
>
- Next message: Dirk-Thomas Brown: "Re: Hiding the remote desktop connection bar"
- Previous message: SuperGumby [SBS MVP]: "Re: File space involved with Shadow Copy"
- In reply to: Matt Gibson: "Re: OWA on SBS2003 premium"
- Next in thread: Matt Gibson: "Re: OWA on SBS2003 premium"
- Reply: Matt Gibson: "Re: OWA on SBS2003 premium"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
