Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: For the OWA Admins out there.

  1. February 16th, 2005, 05:03 PM #11
    zencoder
    zencoder is offline
    AO Senior Cow-beller
    Moderator     zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Tiger was making an example, and I think going outside the context of what OWA does may have confused it a bit.

    Here's my clients Internet facing OWA login URL (sanitized to protect the guilty):
    https://owa.example.com/exchweb/bin/...hange&reason=0

    The announcement on Insecure.org shows how if you change the redirection URL at the end, the user get's redirected to whatever is specified. They then go on to explain how if you obfuscate the changed URL, it won't look nearly as suspicious, i.e. instead of using http://example.com/ you'd use http://3221234342/
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
    Reply With Quote Reply With Quote
  2. February 16th, 2005, 10:10 PM #12
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    In Exchange 5.5, the owalogon.asp page doesn't exist,
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules