Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Exchange Servers Under Systemic Attack Worldwide.

Options
  • 06-10-2003 8:04pm
    #1
    spongebob
    Closed Accounts Posts: 6,143 ✭✭✭


    I heard the word 'Bank' mentioned today. Microsoft have sent nothing out to their Exchange Users. All versions are vulnerable to this attack and I think their asses will be sued over this as well. :D seeing as they are not being proactive about the Fixes

    Bluestell (sic)

    M


Comments

  • Options
    #2
    scojones
    Closed Accounts Posts: 7,230 ✭✭✭scojones


    Alot of unhappy windows users. What else is new? :D


  • Options
    #3
    quinta
    Registered Users Posts: 112 ✭✭quinta


    You can't sue Microsoft for vulnerabilities in their software.

    Remember all those wonderful pieces of paper that come with the software. Ever read one of those?? Their asses are covered seven ways to Sunday.

    Had this discussion with the CSO of Microsoft from the UK, everyone wants to but nobody can, you remove the right as soon as you install the software.


  • Options
    #4
    marrakesh
    Closed Accounts Posts: 132 ✭✭marrakesh


    Sounds more like some very bright comp. operators using weak passwords and not completly an M$ fault.


  • Options
    #5
    spongebob
    Closed Accounts Posts: 6,143 ✭✭✭spongebob


    It turns out that the SMTP transport DLL in a MS Exchange Server can be used to test 10,000 Network passwords an hour.

    I understand that the password that was cracked and used by bluestell was somewhat complex and not a dictionary word .

    Leaving a MS Exchange SMTP transport open through a firewall is not an option, I wonder who put the test code in there and why MS are not being Trustworthy about it? The other MS SMTP is even leakier it seems.

    M


  • Options
    #6
    Typedef
    Closed Accounts Posts: 5,564 ✭✭✭Typedef


    The scary thing is.

    I worked for a Microsoft only shop, which advocated installation of a Linux/Postfix firewall SMTP relay, specifically to protect an Exchange Server... while at the same time, being rabid about how (Linux was crap) and only M$ products were relevant.

    That's what we call management oriented cranial rectal inversion or http://www.lifeisajoke.com/Pictures/head_up_ass.jpg for short.


  • Advertisement
  • Options
    #7
    marrakesh
    Closed Accounts Posts: 132 ✭✭marrakesh


    i stand corrected... Browsed article too fast twould appear...


  • Options
    #8
    scojones
    Closed Accounts Posts: 7,230 ✭✭✭scojones


    Typedef: That's how m$ protected the microsoft.com site && their network from blaster. And for YEARS hotmail.com ran on freebsd. Talk about letting everyone know that you suck potaterrs


Advertisement