LUA part 4 (of 5): Changes in Windows Vista/7

This post is part 4 of a series about using a limited (standard) account in Windows for everyday activities rather than logging in as a computer administrator all the time. (You may want to read parts 1, 2, and 3 before continuing.)

When Microsoft released Windows Vista, they introduced a new feature: User Account Control (UAC). This basically meant that when you ran certain programs, you would get a message popping up, asking “Are you sure about this?” It’s fair to say that this wasn’t very popular; lots of people acted as though it was the return of Clippy. Quoting from one of Apple’s “I’m a Mac” adverts (YouTube): “He asks me to authorise pretty much anything I do.” However, if you actually understand what UAC is for then it’s quite useful, and I think that Vista is a definite improvement over Windows XP.

Microsoft exams

Last August, I did a beta exam for Microsoft. I didn’t pay for it, but I didn’t get a score either; the idea was just to test out their new software for doing simulations in the exam (rather than multiple choice questions). As a “thank you”, Microsoft then sent me three vouchers, each one corresponding to a free exam. These expire at the end of June, so I’ve finally had to stop procrastinating and start studying.

Today I did two exams: 70-236 (MCTS: Configuring Exchange Server 2007) and 70-431 (MCTS: SQL Server 2005 – Implementation and Maintenance). According to the booking website, the Exchange exam lasts 4½ hours, and the SQL exam lasts 4 hours, so this looked like quite a long day! Fortunately, I didn’t need all the time that was allocated, so I ended both exams early, and I was at the test centre for about 3 hours altogether.

Exchange 2007 – firewall problems on Windows 2008

In Windows 2003, the local firewall was turned off by default. You could enable it, but you had to be careful about defining all your exceptions; unlike a PC running Windows XP, you presumably want people to be able to connect to your server! Finding a list of all the relevant ports/protocols could be difficult, and Microsoft sometimes advised people not to enable the firewall at all. SP1 introduced the Security Configuration Wizard (SCW), which helps you to configure the firewall, but you have to specifically install this as an extra component.

In Windows 2008, this changed: the firewall is turned on by default, and the SCW is installed automatically. You can still turn the firewall off, but that’s not ideal from a security point of view: it’s better to configure it so that only certain traffic can get through.

Exchange 2007

I’ve been doing some upgrades this weekend, including the new version of Microsoft Exchange (mail server). This has a couple of small quirks, which it’s useful to be aware of:

1. If you want to use Outlook Web Access, and your server is “mail.example.com”, the address is now:
https://mail.example.com/owa/
Previously (in Exchange 2003), it was:
https://mail.example.com/exchange/
but that address will no longer work.

2. Microsoft’s advice is that you should have two Exchange servers per organisation, with different “roles”. One will be the edge transport server, which sits outside the domain and talks to the internet. The other is the hub server, which receives email from the edge server and integrates with Active Directory. You don’t have to follow this advice, but if you choose not to, then you need to allow anonymous users to connect to your “Receive connector”, as explained here. Otherwise, computers that try to send you mail will get the error “530 5.7.1 Client was not authenticated.” Since you can’t make this change until after installation, I’d recommend that you block port 25 on your firewall until you’re ready to start receiving email. My normal approach is to map port 26 on the router to port 25 on the server – that way, I can simulate SMTP via telnet until I’m satisfied that it works correctly, while the rest of the world will just think “Oh, that server’s unavailable, I’ll try again later”, and their messages are just delayed rather than bounced. When you’re happy, put port 25 back to normal.
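The telnet check described above can be scripted. This is an added example, not code from the original post: it speaks unauthenticated SMTP as far as RCPT TO and reports whether the server answers with the 530 5.7.1 error. The names `check_anonymous`, `probe` and `Canned`, the probe addresses, and every sample reply other than the 530 line quoted in the post are assumptions constructed for illustration.

```python
import socket

def read_reply(conn):
    """Read one SMTP reply, following "250-" continuation lines; return (code, text)."""
    parts = []
    while True:
        line = conn.readline().decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 3:
            raise ConnectionError("connection closed or malformed reply")
        parts.append(line[4:])
        if line[3:4] != "-":          # "250-..." continues, "250 ..." ends the reply
            return int(line[:3]), " ".join(parts)

def check_anonymous(conn, rcpt, sender="probe@sender.invalid"):
    """Speak unauthenticated SMTP up to RCPT TO; DATA is never sent, so no mail is delivered."""
    for cmd in (None, "EHLO probe.invalid", f"MAIL FROM:<{sender}>", f"RCPT TO:<{rcpt}>"):
        if cmd:                       # None = just read the 220 greeting
            conn.write((cmd + "\r\n").encode("ascii"))
            conn.flush()
        code, text = read_reply(conn)
        if code == 530:
            return "auth-required", f"{code} {text}"
        if code >= 400:
            return "rejected", f"{code} {text}"
    conn.write(b"QUIT\r\n")
    conn.flush()
    return "accepts-anonymous", f"{code} {text}"

def probe(host, port, rcpt, timeout=10):
    """Live check against your own server, e.g. through the temporary port 26 mapping."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return check_anonymous(s.makefile("rwb"), rcpt)

class Canned:
    """Constructed stand-in for a server: replays fixed replies, records commands sent."""
    def __init__(self, replies):
        self.replies, self.sent = list(replies), []
    def readline(self):
        return self.replies.pop(0) if self.replies else b""
    def write(self, data):
        self.sent.append(data)
    def flush(self):
        pass

# Constructed transcripts: before and after allowing anonymous users on the Receive connector.
BEFORE = [b"220 mail.example.com ready\r\n", b"250-mail.example.com\r\n", b"250 SIZE\r\n",
          b"530 5.7.1 Client was not authenticated\r\n"]
AFTER = BEFORE[:3] + [b"250 2.1.0 Sender OK\r\n", b"250 2.1.5 Recipient OK\r\n"]

if __name__ == "__main__":
    print(check_anonymous(Canned(BEFORE), "user@example.com"))
    print(check_anonymous(Canned(AFTER), "user@example.com"))
```

For a live run, call `probe("mail.example.com", 26, "user@example.com")` with one of your own mailboxes as the recipient; an "auth-required" result means the Receive connector still refuses anonymous senders.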

Anatomy of a hack: mail server

Today I’ve been fixing a problem with my mail server after someone “hacked” (cracked) it. I’m reconstructing the chain of events as best I can, but the causality wasn’t obvious at the time.

Background: this machine is running Windows Server 2003 SP1 with Exchange Server 2003 SP2.

A few weeks ago, someone gained unauthorised access to the server over the internet. I’m not sure how exactly, but I suspect that they used a buffer overflow in IIS (since the server runs OWA). The server is up to date with all the relevant security patches, so that shouldn’t be possible, but something obviously went wrong.
