0

Exchange & TCP/IP Port Range

The below is an interesting result after installing Exchange.  The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

  • Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
  • Network team sets a very restrictive firewall ACL which is
Read the rest “Exchange & TCP/IP Port Range”
0

QuickTip – Query Block Mode

Exchange 2010 SP1 introduced the concept of block mode or granular replication.  This minimised the time taken for transactions on the active node to be replicated to passive nodes.  Since the feature is enabled by default and is self-managing, there is a good chance that you are benefiting from it without being fully aware of it.

See also understanding High Availability and Site Resilience

If you d… Read the rest “QuickTip – Query Block Mode”

11

Collected Links For Hafnium – March 2021 Exchange Security Issue

The below are a series of links, tips and some very brief thoughts on Hafnium.  I will purposefully not include the content of the other locations as it is changing so rapidly, and there is no way to ensure that it would be updated here in a timely fashion.

 

 

If you read nothing else, please ensure that you install the update from an elevated CMD prompt if you are manually installing. 

FaiRead the rest “Collected Links For Hafnium – March 2021 Exchange Security Issue”

0

Exchange 2010 SP3 RU32 Released

Today is an out of band security release for Exchange.  Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).

You can visit the Microsoft Security  Response Center to read the details about this and the other released security updates.

Download Exchange 2010 SP3 RU32

Note – The image does not show RU 32, and I'll update it once the download site is corrected. 

This is build 14.03.Read the rest “Exchange 2010 SP3 RU32 Released”

2

Out of Band Critical Exchange Security Updates–March 2021

Security updates were released today for Exchange 2010, 2013, 2016 and 2019.  Attacks were detected which leveraged these vulnerabilities, so an out of band set of updates was released

This a remote code execution on TCP 443 and is already being exploited as a 0-Day attacks against on-premises Exchange servers.

Microsoft strongly recommends installing this update immediately.  Internet facing serverRead the rest “Out of Band Critical Exchange Security Updates–March 2021”

1

Exchange 2010 SP3 RU31 Released

Today is patch Tuesday for December 2020  and contains a security advisory bulletin for Exchange 2010.  Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).

You can visit the Microsoft Security  Response Center to read the details about this and the other released security updates.

Download Exchange 2010 SP3 RU31

This is build 14.03.0509.000 of Exchange 2010, and KB 4593467 has the… Read the rest “Exchange 2010 SP3 RU31 Released”

0

Exchange HCW Detects “Wrong” Version

When running Exchange setup or the Exchange Hybrid Configuration Wizard (HCW), I always recommend looking at the version information that is shown on screen. This is part of the gross error check to make sure that the correct version is being used.

This habit is one of the recommendations made in the Mistakes to Avoid Installing Exchange CU post.

Sometime you still may see something that surprises yo… Read the rest “Exchange HCW Detects “Wrong” Version”

1

End of Exchange 2010 Support

Exchange 2010 has proven to be a solid and innovative product over the last decade.  From consolidating three different flavours of continuous replication, adding RPC Client Access and the Exchange Hybrid Configuration Wizard in Service Pack 2 we have a lot to be thankful for.  However it is time so say goodbye to this old friend.

I can only imagine the number of time people have been running setupRead the rest “End of Exchange 2010 Support”

1

Exchange 2016 CAS Namespace Cutover Authentication Failure

You have prepped for months, and tonight is the night!  It is the night of CAS namespace cutover to move the HTTPS namespaces from Exchange 2010 so that the point to Exchange 2013 or 2016.  DNS TTL was decremented.  Servers are all fully updated as are the Outlook clients and we are good to go.

The DNS change kicks in, and Outlook HTTPS traffic hits Exchange 2016 and we enter a spiral of never endi… Read the rest “Exchange 2016 CAS Namespace Cutover Authentication Failure”

5

Unable to Remove Exchange 2010 Public Folder Database

One of the last rites of removing Exchange 2010 will be to remove the its legacy public folder database after the content has been moved to either shared mailboxes or to modern public folders.  Maybe you just decide to delete those Christmas party pictures from 1999 as an alternative to carrying the legacy content forward...

However deleting is simpler said than done.  For many years the project to… Read the rest “Unable to Remove Exchange 2010 Public Folder Database”