[isalist] Where does Port 443 go?
- From: Steven Comeau <scomeau@xxxxxxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 25 Mar 2009 15:30:28 -0400
We have our ISA 2006 Server setup for webmail & ActiveSync to our Exchange 2007
server using a Listener. However, when we do a vulnerability scan for PCI
compliance, the IP for this listener on the ISA server is coming up with an SSL
V2 vulnerability. Now, I have done all the stuff (regedits) I need to do on
the Exchange 2007 server to disable SSL V2, but I am still coming up with a
vulnerability on a scan.
Could it be that when accessing Port 443 on the IP in question, the request is
forwarded somewhere else when the Webmail/Activesync URL
(mailserver.domain.com/owa) is not specified (i.e. not to the Exchange Server
but the ISA IIS Server?). I don't see anywhere else where Port 443 could be
forwarded. Any suggestions?
Steve Comeau
Associate Director of IT
Rutgers Athletics
83 Rockafeller Road
Piscataway, NJ 08854
732-445-7802
732-445-4623 (fax)
www.scarletknights.com<http://www.scarletknights.com>
[cid:image001.jpg@01C9AD5D.220693F0]
*** This message contains confidential information and is
intended only for the individual named. If you are not the
named addressee, you should not disseminate, distribute or
copy this e-mail. Please notify the sender immediately by
e-mail if you have received this e-mail by mistake and delete
this e-mail from your system. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, destroyed, arrive late or
incomplete, or contain viruses. The sender therefore does not
accept liability for any errors or omissions in the contents of
this message, which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version.
Rutgers University - DIA
83 Rockafeller Road
Piscataway, NJ 08854
www.scarletknights.com ***
Other related posts:
