Re: Making sure OWA is secure

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 12 Oct 2004 18:03:03 -0400

On Tue, 12 Oct 2004 16:52:33 -0400, Mulnick, Al <al.mulnick@xxxxxxxxxx> wrote:
> http://www.MSExchange.org/
> 
> Just checking.  It looked from your post that you were not advocating that.

Advocating, what? I advocate: 

-Disabling unessential, ports, services, programs, etc..
-Properly configured firewalls
-Multiple layers of malicious code execution prevention
-Educating users
-Security through obscurity
-etc...

> If someone were to only use SSL and allow access via TCP 443, then that
> would be a secure channel that IDS traditionally can't look at.  I was
> curiuos how you wanted to handle that.  I'm assuming from your last post you
> are indicating a layer-7 device that's capable of SSL bridging or something
> that can terminate and proxy the SSL connection.

There is lots of neat info you can extract from TCP port 443. A
firewall with intrusion prevention can add another layer of
protection. That's all I am saying.


...D


Other related posts: