When was the last time you performed a security checkup on your Exchange Server deployment? In another life (I'm a US Air Force reservist), I work in the computer security field, and I've recently been looking into Exchange's susceptibility to attack. Four key threats exist for Exchange: Denial of Service (DoS) attacks, viruses, unauthorized access, and forgery. This week, I look at these threats and what we can do to protect our Exchange servers.
In an Exchange environment, DoS attacks are fairly rare and aren't as high a priority as some other threats. DoS attacks are uncommon because they generally come from external sources, and Exchange usually doesn't have external services exposed (generally, even Exchange SMTP gateways are behind a firewall). However, you need to evaluate services such as SMTP gateways, Outlook Web Access (OWA) servers, and News servers for susceptibility to DoS attacks.
A viral outbreak is perhaps the most common attack that our Exchange servers endure. Luckily, the market is filled with good products that make protecting Exchange from viruses a lot easier. When evaluating your antivirus strategy, consider these three perimeters of defense: gateways (SMTP hosts that receive mail from external sources), clients (mail client users whose systems can be an outbreak's source), and Exchange information stores (ISs—where viruses can spread or lie dormant). A solid antivirus plan should include all three perimeters. The ultimate antivirus protection is a two-tier approach (called a virus wall) that uses both content blocking and virus signature scanning (see my article "Designing a Protection Frontier to Safeguard your Network").
Unauthorized access is perhaps the most difficult Exchange threat that we must deal with. This threat can be malicious or accidental. Our security measures must assure users that only they can access their data. System administrators must ensure that only authorized personnel can access servers administratively. The unauthorized access threat also includes simple user enumeration. For example, because Exchange 5.5 and later versions (Exchange 2000 via the Windows 2000 Active Directory—AD) provide Lightweight Directory Access Protocol (LDAP) services, anyone with basic authentication can partially or completely dump the contents of the Exchange directory service or perhaps even the AD. Some SMTP servers also allow enumeration of user names without the proper lockdown measures in place. Without the proper implementation of Windows and Exchange security measures, both data and services can be vulnerable to unauthorized access.
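The SMTP user-enumeration weakness mentioned above is something you can audit on your own gateway: a locked-down server answers VRFY and EXPN with 252 or 502, while a 250/550 answer tells the caller whether a name exists. The script below is an added example, not code from the original column; `audit_vrfy_expn`, `fake_smtp` and the constructed in-process listener (which stands in for a real host so the script runs offline) are all assumptions of this example.

```python
import socket
import threading
# Replies that reveal whether a mailbox exists (RFC 5321 VRFY/EXPN semantics).
DISCLOSING_CODES = {250, 251, 550, 551}
def _read_reply(sock):
    # Read one complete SMTP reply (multi-line "250-..." continuations included).
    data = b""
    while not data.endswith(b"\r\n") or data.split(b"\r\n")[-2][3:4] != b" ":
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("connection closed mid-reply")
        data += chunk
    return int(data[:3])
def audit_vrfy_expn(sock, probe="postmaster"):
    # EHLO, then VRFY and EXPN for one probe name. 250/251/550/551 answers leak
    # whether the name exists; 252/502 are the locked-down answers.
    _read_reply(sock)  # 220 greeting
    sock.sendall(b"EHLO audit.invalid\r\n")
    _read_reply(sock)
    codes = {}
    for verb in ("VRFY", "EXPN"):
        sock.sendall(f"{verb} {probe}\r\n".encode())
        codes[verb] = _read_reply(sock)
    sock.sendall(b"QUIT\r\n")
    codes["discloses"] = any(codes[v] in DISCLOSING_CODES for v in ("VRFY", "EXPN"))
    return codes
def fake_smtp(lockdown, users=("postmaster",)):
    # Constructed in-process stand-in (not Exchange): a thread serves one end of a
    # socketpair, answering VRFY/EXPN openly or, when locked down, with 252/502.
    client, server = socket.socketpair()
    def serve():
        server.sendall(b"220 fake.invalid ESMTP\r\n")
        buf = b""
        while chunk := server.recv(1024):
            buf += chunk
            while b"\r\n" in buf:
                line, buf = buf.split(b"\r\n", 1)
                verb, _, arg = line.decode().partition(" ")
                if verb == "EHLO":
                    server.sendall(b"250-fake.invalid\r\n250 OK\r\n")
                elif verb in ("VRFY", "EXPN") and lockdown:
                    server.sendall(b"252 Cannot VRFY user\r\n" if verb == "VRFY" else b"502 Command not implemented\r\n")
                elif verb in ("VRFY", "EXPN"):
                    server.sendall(b"250 " + arg.encode() + b"\r\n" if arg in users else b"550 No such user here\r\n")
                elif verb == "QUIT":
                    server.sendall(b"221 Bye\r\n")
                    server.close()
                    return
    threading.Thread(target=serve, daemon=True).start()
    return client
```

To run the same audit against your own gateway, pass `socket.create_connection((host, 25))` to `audit_vrfy_expn` instead of the socket returned by `fake_smtp`.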
Forgery is perhaps the most serious threat to Exchange; it's also the most difficult attack to carry out—and the most difficult threat to protect against. Forgery includes accessing, tampering with, and spoofing mail data. In the most extreme cases, users must encrypt and sign mail messages to prevent access and guarantee authenticity. Unfortunately, this level of protection also requires deployment of services such as Public Key Infrastructure (PKI), Certificate Authority (CA), and Exchange's Key Management Server (KMS).
The world is full of individuals who want to compromise your Exchange deployments. Most don't target your organization specifically, but the threats are still very real. Take some time to give your Exchange server its 1,000,000-message security checkup.