LUA part 4 (of 5): Changes in Windows Vista/7

This post is part 4 of a series about using a limited (standard) account in Windows for everyday activities rather than logging in as a computer administrator all the time. (You may want to read parts 1, 2, and 3 before continuing.) When Microsoft released Windows Vista, they introduced a new feature: User Account Control […]

Exchange 2007 – firewall problems on Windows 2008

In Windows 2003, the local firewall was turned off by default. You could enable it, but you had to be careful about defining all your exceptions; unlike a PC running Windows XP, you presumably want people to be able to connect to your server! Finding a list of all the relevant ports/protocols could be difficult, […]

Exchange 2007

I’ve been doing some upgrades this weekend, including the new version of Microsoft Exchange (mail server). This has a couple of small quirks, which it’s useful to be aware of: 1. If you want to use Outlook Web Access, and your server is “”, the address is now: Previously (in Exchange 2003), it was: […]

Anatomy of a hack: mail server

Today I’ve been fixing a problem with my mail server after someone “hacked” (cracked) it. I’m reconstructing the chain of events as best I can, but the causality wasn’t obvious at the time. Background: this machine is running Windows Server 2003 SP1 with Exchange Server 2003 SP2. A few weeks ago, someone gained unauthorised access […]