Microsoft 1 - page 87

Chapter 5: Protection 79

File Extension File Type

.msp Microsoft Windows Installer patch

.mst Microsoft Visual Test source files

.pcd Photo CD image, Microsoft Visual compiled script

.pif Shortcut to MS-DOS programs

.reg Registration entries

.scr Screen saver

.sct Windows script component

.shb Shell Scrap object

.shs Shell Scrap object

.url Internet shortcut

.vb VBscript file

.vbe VBscript encoded script file

.vbs VBscript file

Note: Not all attachments considered to be dangerous are blocked by this patch. For example,

the Microsoft Access file types .mda and .mdz are not blocked, nor are zipped versions of any

of the above files.

It is good practice to quarantine all suspect content, where it can be examined individually

before deciding whether it can be safely passed on or not.

While this security patch can be useful in preventing the use of unauthorized attachments,

it is important to remember that for it to work across the user community, it depends on

everyone using a client with the patch. Therefore, to be fully protected you would need to

ensure not only that MAPI clients each contained the patch, but also prevent access via

POP3, IMAP4, or HTTP.

For more information about the Outlook Security Patch, see the knowledge base article

Q262631.

Many organizations prohibit the receipt of scripts written in Microsoft Visual Basic®

Scripting Edition (VBScripts) through e-mail. If you choose to do this, it will not prohibit

those who want to receive and run VBScripts from doing so, for they can simply ask the

sender to use a different file extension and then change it back to .vbs on arrival. It will,

however, prevent the running of VBScripts that have not been pre-arranged. If you wish to

go further in preventing the effects of VBScripts, you will need to prevent them from

running at the client at all.

Again, the best way of dealing with the threat of attachments is to educate the user

community.

Contents

Main ii Contents Chapter 1 Introduction 1 Chapter 2 Capacity and Availability Management 11 Change and Configuration Management 37 Chapter 4 Enterprise Monitoring 53 Chapter 5 Protection 71 Chapter 6 Glossary 97 Support 89 Page Page Page Introduction Microsoft Operations Framework (MOF) Page How to Use This Guide Efficiency, Continuity, and Security Figure 1.2 Efficiency Continuity Security Chapter Outlines Planning and Deployment Service Level Agreements Features Performance Recovery Support Related Topics Page Capacity and Availability Management Capacity Management Page Page Availability Management Service Hours Service Availability Minimizing System Failures Decreasing Single Points of Failure Increasing the Reliability of Exchange 2000 Minimizing System Recovery Time Performance Tuning Making Changes to the Registry No Performance Optimizer Optimizable Features Tuning Considerations Upgrading from Exchange 5.5 to Exchange 2000 Tuning the Message Transfer Agent (MTA) Tuning SMTP Transport Mailroot Directory Location SMTP File Handles Page Store and ESE Tuning Online Store Maintenance Online Backups Choosing the Correct Maintenance Strategy Extensible Storage Engine (ESE) Heaps Store-Database Cache Size Page Log Buffers Tuning Active Directory Integration Page Tuning Outlook Web Access (OWA) Page Hardware Upgrades Page Change and Configuration Management Prerequisites Change Management Defining Change Type Step 1 Request for Change Is Submitted to Change Manager Step 2 Change Manager Assesses the RFC Step 3 Change Is Passed to IT Executive Committee for Approval Step 4 Change Is Passed to the Change Advisory Board for Scheduling Step 5 Change Is Passed to the Change Owner Step 6 Change Process Evaluation Minor and Standard Changes Scripting Minor and Standard Changes Security Software Control and Distribution Documentation Configuration Management Tools for Configuration Management Configuration Management and Change Management Configuration Items Page Page Page Defining Configuration Items Configuration Management and Exchange Maintaining the Configuration Management Database Change Management Ownership Security Backup Exchange System Policies Administering System Policies Page Enterprise Monitoring Prerequisites Performance Monitoring System Monitor Exchange 2000 Objects and Counters to Monitor Service or Resource Performance Object Information Store Counters SMTP Server MSExchangeMTA and MSExchangeMTAConnections MSExchangeIM Virtual Servers MSExchangeAL Windows 2000 Objects and Counters to Monitor Table 4.2 Subjects and Associated Objects and Counters Subsystem Object Counter Exchange Comments Subsystem Object Counter Exchange Comments Centralized Monitoring Event Monitoring Event Viewer Log Files Centralized Event Monitoring Availability Monitoring Monitoring and Status Tool Adding Services to the Default Configuration Monitoring Resources Notifications Status Disabling Server Monitoring Centralized Availability Monitoring Client Monitoring Page Page Protection Chapter Start Point Chapter End Point Protection Against Hacking Firewall Operations Maintaining Firewall Availability Ensuring That Only the Correct Traffic Passes Through the Firewall Monitoring Against Hacker Intrusion Dealing With Security Breaches Anti-Virus Measures Staying Current Dealing With Virus Infection Blocking Attachments at the Client Page Disaster Recovery Procedures Backing Up Page Offline Backup Disk Imaging Restoring Recovering Individual Messages Recovering Lost Mailboxes Recovering Exchange Stores and Storage Groups Full Exchange Server Recovery Recovering Exchange After Active Directory Failure Alternate Server Recovery Recovery Testing Page Page Support Providing Support for End Users Reducing End User Support Costs Page Problem Reporting Dealing with User Problems Notifying Users Exchange Problem Management Page Page Glossary