RE: Interesting Observation

  • From: "Mark Fugatt" <mark@xxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 10 Jun 2004 15:51:32 -0400

Excellent point Michael

-----Original Message-----
From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: Thursday, June 10, 2004 3:48 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Interesting Observation

http://www.MSExchange.org/

I think the behavior is appropriate. As you know, Exchange maintains a
log-file-number, and if that file is already there -- there is a problem.
The database and transactional system is fubar'ed.

I think it's a good thing that on Ex2003/Win2003 that Everyone doesn't have
permission to the MDBDATA folders by default. :-)

But if a worm/virus has admin access, I'm already SOL.... 

-----Original Message-----
From: Mark Fugatt [mailto:mark@xxxxxxxxx]
Sent: Thursday, June 10, 2004 3:42 PM
To: [ExchangeList]
Subject: [exchangelist] Interesting Observation

http://www.MSExchange.org/

I was teaching an Exchange 2003 support class for Symantec this week, so
that their gold and platinum support guys had a good understanding of how
Exchange really works :-), he talked about log files, and one of the guys
asked what would happen if you created a new log file, for example, the last
log file is E0000001.LOG and you create E0000002.log manually.

We tried it to see, and the effect was that the Outlook clients would hang
when trying to send mail, until you deleted the manually created log file,
the other effect was when you performed an online backup the backup would
fail, and then dismount all the Stores in the Storage Group that you were
trying to backup, this then led them to ask what type of security risk this
would be, if someone managed to create a worm that created a log file
manually it would bring down all the Stores when you perform a backup.

What are your thoughts?

Mark



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
michael@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
mark@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist





Other related posts: