dw-chow, on Nov 8 2005, 07:23 PM, said:
too bad it doesn't list exchange server removal. :(
Quote
Changing the SMTP Banner
The less information you provide an attacker, the more difficult it is to attack your system. One way an attacker may attempt to gain information about which version of Exchange is being run is to use Telnet to connect to the SMTP service. By default, when you connect to the SMTP service on an Exchange server, the following banner is displayed:
220 hostname . domain .com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at current date and time.
You should consider changing this on all back-end Exchange servers so that it does not display the specific version. You may also wish to include a legal statement that unauthorized use of the SMTP service is prohibited.
To modify the Windows 2000 SMTP banner
1. Using a metabase editing tool such as MetaEdit, locate:
Lm\Smtpsvc\ virtual server number.
2. Click Edit , click New , and then click String.
3. Verify that the entry in the ID box is Other, and then type 36907 (decimal) on the right side of the ID box.
4. In the Data box, type the banner that you want to be displayed.
5. Stop, and then restart the SMTP virtual server or the SMTP service.
To confirm that the banner has been changed, Telnet to port 25 of the virtual server (the default setting). The "ESMTP MAIL Service, Version: 5.0.2195.1600" banner should no longer be displayed. However the fully qualified domain dame (as it was entered in the SMTP service properties) and the date and time are still displayed.
Sign In
Register
Help
MultiQuote
