|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Frank Knobbe (FKnobbe
KnobbeITS.com)Date: Tue Aug 14 2001 - 09:42:52 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Aaron Zirbes [mailto:ajzcccs.umn.edu]
> Sent: Monday, August 13, 2001 3:19 PM
>
> According to the document, it requires IIS to be installed.
> That is another door open to the world that he doesn't want to
> open.
>
> "Outlook Web Access is installed as part of the default setup
> of Exchange
> 2000; it requires Windows 2000 and IIS 5.0 to be installed."
Then close the door. If the system is a) properly hardened, b) behind
a stateful firewall in the DMZ (i.e. third NIC), c) access to web
pages requires authentication, d) using SSL certificate, e)
controlled access to Exchange server (read: fixed ports), then I
think the level of risk should be in the 'acceptable' realm.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.
iQA/AwUBO3k47JytSsEygtEFEQK6eQCfaHiiUHTiCyLFZo6n82GMOc+eJYcAoKzH
ludQdlXf9eCTfkRyKDPGIOBG
=eSR6
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]