RE: Interesting Observation

• From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx>
• To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
• Date: Fri, 11 Jun 2004 21:09:18 +1000

Interesting...

Hadnt thought of that... The header in the database says what in the
logs has already been committed (and hence at what point before which
the logs can be ignored) , but it has no way to know what the LATEST log
is!

Cudos to the dude that pondered that tidbit

Still - if users have write access to the volume on which your stores
exist, you deserve every failed backup you get! :)

Greg 

-----Original Message-----
From: Mark Fugatt [mailto:mark@xxxxxxxxx] 
Sent: Friday, June 11, 2004 5:52 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Interesting Observation

http://www.MSExchange.org/

Excellent point Michael

-----Original Message-----
From: Michael B. Smith [mailto:michael@xxxxxxxxxx]
Sent: Thursday, June 10, 2004 3:48 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Interesting Observation

http://www.MSExchange.org/

I think the behavior is appropriate. As you know, Exchange maintains a
log-file-number, and if that file is already there -- there is a
problem.
The database and transactional system is fubar'ed.

I think it's a good thing that on Ex2003/Win2003 that Everyone doesn't
have permission to the MDBDATA folders by default. :-)

But if a worm/virus has admin access, I'm already SOL.... 

-----Original Message-----
From: Mark Fugatt [mailto:mark@xxxxxxxxx]
Sent: Thursday, June 10, 2004 3:42 PM
To: [ExchangeList]
Subject: [exchangelist] Interesting Observation

http://www.MSExchange.org/

I was teaching an Exchange 2003 support class for Symantec this week, so
that their gold and platinum support guys had a good understanding of
how Exchange really works :-), he talked about log files, and one of the
guys asked what would happen if you created a new log file, for example,
the last log file is E0000001.LOG and you create E0000002.log manually.

We tried it to see, and the effect was that the Outlook clients would
hang when trying to send mail, until you deleted the manually created
log file, the other effect was when you performed an online backup the
backup would fail, and then dismount all the Stores in the Storage Group
that you were trying to backup, this then led them to ask what type of
security risk this would be, if someone managed to create a worm that
created a log file manually it would bring down all the Stores when you
perform a backup.

What are your thoughts?

Mark



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
michael@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
mark@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist




------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
gmulholland@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist

test

Other related posts:

• » Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation
• » RE: Interesting Observation

1. Home
2. exchangelist
3. Archive
4. 06-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---