Email this to a friend
 
posted on March 5th 2015, at 12:35
by lunarg
By default, when opening up OWA (Outlook Web App) access to the internet, you could technically also get into Exchange Admin Center (EAC) by appending /ecp after the external OWA URL, potentionally creating a security vulnerability and increasing the chance for a brute-force attack to succeed.

While it is generally a good idea to deny access to the Administrator user to manage the Exchange-server, this is not always possible or desireable. Additionally, because EAC is a VirtualDirectory within a site in IIS, it is not possible to have it listen on a separate internal IP address and secure it through the edge firewall. Luckily, IIS also has some other mechanisms to secure access. There's an   ...

Send a link to this post to yourself or a friend.

Send to e-mail:
Your name:
Your e-mail:
Captcha:
Type the letters and numbers as shown.
/get/captcha/1735208637
Not readable? Get another.
 
Information entered is solely used for sending a one-time e-mail, and is not retained and/or passed on to a third party.
 
 
 
 
« December 2024»
SunMonTueWedThuFriSat
1234567
891011121314
15161718192021
22232425262728
293031    
 
Links
 
Quote
« I needed a password with eight characters so I picked Snow White and the Seven Dwarves. »