by edward | Nov 12, 2023 | Exchange 2016, Exchange 2019
In the August 2023 Security update (SU) for Exchange Server 2016 and Exchange Server 2019, there was a work around that had to be put in place to remove the Token Cache Module in IIS to mitigate a vulnerability. Microsoft provided the script and you could apply it to...
by edward | Nov 10, 2023 | Exchange 2016
Sometimes the event logs on Exchange servers throw up errors or warnings that do not appear again. The event ID, 4002 for MSExchange Availability is a broad error/warning/informational alert. Looking a the error below, a Proxy request failed with an HTTP status code...
by edward | Nov 8, 2023 | Exchange 2016
As everything relies heavily on DNS and the ability to resolve names to IP’s etc., if your DNS upstream is not working or something firewall/internally is not working, things do not always function as they should and you are presented with false positives. A...
by edward | Nov 7, 2023 | Exchange 2016
In one of my lab machines I was sifting through the log files and came across Event ID 12000 as shown below. As this lab machine does not have internet access at all, the error was a bit strange and no other alerts were raised. Nothing out of the ordinary was done...
by edward | Nov 6, 2023 | Exchange 2016, Exchange 2013, Exchange 2019, NMAP, NMAP Scripting Engine, NSE
Over the past few years, Microsoft Exchange Server has come under heavy attack and with each new Cumulative Update (CU) and Security Update (SU), CVE’s are addressed and closed. The problem comes in when organisations do not patch servers (as mentioned in a few...
by edward | Jul 22, 2023 | Exchange 2016
We all know about the ongoing attacks on Exchange Servers and it is vitally important that you keep up-to-date with patching of your environments, even if it is standalone servers that are just performing management functions. Each Cumulative update (CU) and Security...