• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 387
  • Last Modified:

Content-location http header errors divulged DMZ/internal IP address

I've had an external security audit recently done and I'm having some trouble with one of the items they cited as a security concern.  It is for an Exchange 2003 OWA server, here is what they wrote:

Content-location http header” errors divulged DMZ/internal IP address xxx.xxx.xxx.xxx for device with external address xxx.xxx.xxx.xxx.  Auditor recommends configuring the web servers to not disclose specific information.

I looked this up and found this KB Article:
http://support.microsoft.com/kb/834141

I already have all service packs applied so I entered the command as directed with the following variables:
cscript adsutil.vbs set w3svc/1/SetHostName exchange

This broke something in DNS and I couldn't load the page at all.  Fortunately I had backed up the metabase right before so was able to do a full restore.  Unfortunately none of the icons on the page would load which turned out to be an authentication problem but I was able to correct that.

Obviously making that change caused some kind of DNS problem but I'm not sure what variable I should replace "exchange" with in order to both fix the problem and allow OWA to continue operating.  Any advice would be appreciated.
0
First Last
Asked:
First Last
  • 2
1 Solution
 
First LastAuthor Commented:
What happened to answers in 30 minutes?
0
 
First LastAuthor Commented:
Absolutely no replies on this
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now