Entries in Security (1)

Monday
Jul132009

Something Funny

I just learned that in order to install the Exchange management tools on a Workstation with Active Directoy Users and Computers on it, you need to install the Windows SMTP service. This in itself is odd and makes me worry, but the oddities don't stop there. Nope. Not even close.

To satisfy the requirements for the Windows SMTP service installation, you also need to install the World Wide Web service (http server), and the Internet Information Services Snap-In. The latter is obvious- Installing the Web server without any way to manage it would be bizarre. But, the fact that the SMTP service REQUIRES a web server is plain stupid!

Good server or workstation management would dictate that the fewer unnecessary services you have installed, the fewer security holes you will have to watch for. And we all know full well that Microsoft's http server is lousy with security problems when it hasn't been installed and maintained properly.

Now, if I want to manage my users' email properties from my workstation, I have to install all of this extra software that is filled with vulnerabilities and potential honey pots for SPAM bots on a network. When you consider this is a management workstation, that's a pretty scary scenario! My PC has fewer checks against it by our security devices, simply by nature of my job! Now, I'm second guessing if just logging into a server every time I need to make a change isn't a bad idea.

Either way, smarten up Microsoft. Seriously. Installing a web server on a mail server is a retarded idea in the first place. And just to make it all worse, the fact that I need to do all of this on a system that shouldn't have EITHER on it...that's unforgivable.