Link to home
Start Free TrialLog in
Avatar of mrpierce2
mrpierce2

asked on

Is it desirable (and unproblematic) to make Internet access to the OWA and RWW sites more 'cryptic' than "/exchange" and "/remote" ?

Hello experts.  Acknowledging that SBS has been well designed in the area of security, given the fact that public DNS info is so...public and the standard format of the URLs for web access to Exchange and the RWW is generally well known, I was curious if substituting something more cryptic for the familiar "/exchange" and "/remote" has any value in adding another bit of security by making it harder for the would-be hacker to find the respective web pages?  Or does anybody out there make changes just to simplify the addresses?  If so, does it simply come down to changing the site settings in IIS and/or adding pointers in the internal DNS?  Are there any negative ramifications to the overall configuration of SBS, as I DO appreciate such a change would be a non-wizard based alteration?  Thanks for educating me on this.
SOLUTION
Avatar of Jason Watkins
Jason Watkins
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of mrpierce2
mrpierce2

ASKER

Ok.  I've rarely seen any talk about this so I figured the general recommendation would be not to mess with it, but I needed to ask.  I came to appreciate the sanctity of the wizards a while back (thanks to TechSoEasy)  and not "breaking" the SBS so their importance is understood.

Firebar:
Thanks .  I did have the opportunity to use ADSIEdit for cleaning up when I did a swing migration from SBS 2K to 2K3 and understand its capability to address special situations or do serious damage if misused, but as per above, I'll leave things as they are.  I AM curious to know a bit more about S-HTTP.  Just did a quick look up on it.  Guess I've been aware of it but have kind of taken its application for granted.  I've been more focused on SSL in regards to certificates etc. in relation to SBS, but I do understand they're not the same.  If for no other reason than my edification, any recommendations on a site(s)/source for the best primer?

RobWill:

Thanks for the explanation of the security underpinnings of RWW.  You know, I did my due diligence in ensuring the necessary ports opened by the CEICW were opened on the firewall as well, aware of what needed which port, but not really appreciating HOW the ports were being used.  So, thanks for clarifying that.
Avatar of Jason Watkins
Jason Watkins
Flag of United States of America image
Hi,

The SBS Security Site might be a good place to start:  http://tinyurl.com/2v7scq
Avatar of mrpierce2
mrpierce2

ASKER

Thanks!
Avatar of Rob Williams
Rob Williams
Flag of Canada image
Thanks mrpierce2.
Cheers !
--Rob