Re: Change SBS 2003 Exchange 2003 logon banner
- From: "Bob Genestet" <bob_genestet@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 31 Mar 2005 13:18:53 -0600
http://www.microsoft.com/technet/itsolutions/citsrv/em/msaem/Bldguide_10.mspx
Changing the SMTP Banner
Role: Exchange Administrator
Note: Perform this task on the Inbound SMTP Virtual Server on SMTP-01 and
SMTP -02 only.
By default, when connecting to the SMTP service on an Exchange server, the
following banner displays:
220 hostname.domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.XXXX
For security reasons, this banner should be changed so that it does not
display specific version information to potential attackers. Perform the
following steps to change the banner:
1.
Open IIS Metabase Explorer.
2.
Expand Lm\Smtpsvc\n; where, n corresponds to the Internet SMTP virtual
server. To validate that you have selected an appropriate SMTPSVC node,
verify that ID 1015 Server Comment displays "Internet SMTP Virtual Server".
3.
On the Edit menu, select New->String Record.
4.
Verify that Data Type is set to "String".
5.
In the Record Name or Identifier box, type "36907" and click OK.
6.
Verify that the 36907 ID (Name = ConnectResponse) is added to the list
of properties.
7.
Select 36907 and press F4 key.
8.
In the Value text box, type "ESMTP" and click OK.
9.
Close the IIS Metabase Explorer.
10.
Restart the SMTP virtual server.
11.
To confirm that the banner has been changed, telnet to port 25 of the
virtual server, which is the default setting. The banner containing the
specific version information should no longer be displayed. However, the
FQDN, as it was entered in the SMTP service properties and the date and time
are still displayed. (For example, 220 hostname.domain.com ESMTP Wed, 12 Nov
2003 20:17:59 -0800.)
Note: For more information on the IIS Metabase Explorer tool, refer to
the Internet Information Server (IIS) 6.0 Resource Kit Tools. To download
IIS 6.0 Resource Kit Tools, refer to the following URL:
http://www.microsoft.com/downloads
/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en
Note: As a security measure, after this task is done, the IIS Resource
Kit should be uninstalled from each Exchange 2003 server.
"Bob Genestet" <bob_genestet@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:OkFsyDhNFHA.2728@xxxxxxxxxxxxxxxxxxxxxxx
> How do I change the Exchange logon banner?
> I recently had an internet port scan vulnerability test performed and the
> results were very good, although not even considered a low risk, but just
> informational, there was a suggestion for a solution as follows:
> SMTP Server type and version
> This detects the SMTP Server's type and version by connecting to the
> server
> and processing the buffer received.
> This information gives potential attackers additional information about
> the
> system they are attacking. Versions and Types should be omitted
> where possible.
>
> Solution: Change the login banner to something generic (like:
> 'welcome.')Remote SMTP server banner :
> 220 "mydomain".com Microsoft ESMTP MAIL Service, Version: 6.0.3790.211
> ready at Wed, 30 Mar 2005 20:29:33 -0600
>
> Thanks,
>
> Bob
>
>
.
- References:
- Change SBS 2003 Exchange 2003 logon banner
- From: Bob Genestet
- Change SBS 2003 Exchange 2003 logon banner
- Prev by Date: Re: VXA-2a IDE Problem
- Next by Date: RE: A bit of fun for tomorrow.
- Previous by thread: Change SBS 2003 Exchange 2003 logon banner
- Next by thread: Re: Change SBS 2003 Exchange 2003 logon banner
- Index(es):
Relevant Pages
|
