Securing OWA Exchnage 2007

Discussion in 'OT Technology' started by ArcticRSX, Aug 19, 2009.

  1. ArcticRSX

    ArcticRSX OT Supporter

    Joined:
    Dec 21, 2004
    Messages:
    1,826
    Likes Received:
    5
    Location:
    Earth
    Is there anything I can do to prevent automated brute force attacks to my OWA server? Its kinda sad that it wont lock itself after 5 wrong attempts.
     
  2. Minh Lam

    Minh Lam Active Member

    Joined:
    Mar 15, 2004
    Messages:
    1,128
    Likes Received:
    0
    Location:
    Sydney, Australia
    Wouldnt this come under Group Policy Security settings? After so many attempts? OWA accounts are the same as AD account so I would assume that.
     
  3. DigiCrime

    DigiCrime If Only!

    Joined:
    Oct 25, 2001
    Messages:
    32,996
    Likes Received:
    100
    Location:
    St. Louis
    Wouldn't you want to do this at a firewall level or router level? So the traffic is at least filtered before it hits the server?
     
  4. ArcticRSX

    ArcticRSX OT Supporter

    Joined:
    Dec 21, 2004
    Messages:
    1,826
    Likes Received:
    5
    Location:
    Earth
    That's one way i supposed but it can be a potential DOS attack locking out any valid email address.
     
  5. ArcticRSX

    ArcticRSX OT Supporter

    Joined:
    Dec 21, 2004
    Messages:
    1,826
    Likes Received:
    5
    Location:
    Earth
    Yeah the server is only serving on port 443 but nothing is stopping people from brute force hacking the login screen
     
  6. DAN513

    DAN513 OT Supporter

    Joined:
    Mar 10, 2003
    Messages:
    10,089
    Likes Received:
    2
    Location:
    204
    I thought the user accounts would lock themselves out for 15 minutes after 5 wrong password attempts?
     
  7. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    Yes there is - a true firewall will eventually simply block IP addresses for just such an attack.
     
  8. ArcticRSX

    ArcticRSX OT Supporter

    Joined:
    Dec 21, 2004
    Messages:
    1,826
    Likes Received:
    5
    Location:
    Earth
    We only have a mid grade sonicwall device :squint:
     

Share This Page