Architecture of MS Exchange Server

1.         Overview

(a)        Sites are logical groupings of one or more Exchange server. Even though resources reside on different server in the site, the site groups all those resources without reference to their locations. This grouping makes using resources in the site very easy. For example, let us say that a certain mailbox physically resides on site server A. that site server is called the mailbox home server. Senders do not need to know the physical location of the mailbox in order to send messages to it. They simply see the mailbox in the site listing, and send it a message. The same principle applies to public folders in a site. The particular server a public folder is stored on is of no concern to the users wanting to access it. They simply see the public folder listed in their site and access it. This is called location transparency. From the user’s perspective a site creates a transparent messaging environment.

(b)        Exchange server comprises the final main structure in the Exchange hierarchy. These computers run the Windows NT server operating system and the Exchange server software. The Exchange servers are the physical location for mailboxes, folders, and other data and information for the site. Individual servers, while inheriting certain configuration parameters from the site (the parent), can also be individually configured. For example, even though recipients can be managed at the site level, they can also be managed at the server they were created on, their home server. All Exchange objects, as well as all related process, are created and managed by the software components that make up the Exchange product.

2.         Exchange Server Core Components.       The Exchange components are executable programs that perform the exchange functions. Some are in the form of EXE files, others are in the form of Dynamic Link Libraries (DLLs). They are referred to as core components because they are necessary for Exchange to be operational. They are also referred to as services, because they run as services on the Microsoft Windows NT server operating system. The core components include the following :-

(a)   Directory Service (DS) 

(b)   Information Store (IS) 

(c)   Message Transfer Agent (MTA) 

(d)   System Attendant (SA)

3.         Exchange Server Additional Components.    The additional components also called as Optional Components. As the name implies, are not necessary for the basic operation of Exchange. But these components could be needed for additional functionality in your Exchange environment. Optional components include the following :-

(a)        Connectors or gateways 

(b)        Outlook Web Access 

(c)        Chat Service 

(d)       Scripting Agent

(e)        Key Management

How to Importing And Exporting Data from the Directory with examples

Using Directory Export

(i)         The Directory Export utility can be used to copy objects and their properties to a file called an export file. The export file is a text file in a comma-separated value format (CSV). The new properties can be entered in the export file through any application that can read a text file as well as search, replace, and input data (Microsoft Excel is an example). Below is an example of an export file , Obj – Class, Display Name, Alias Name, Home server, Telephone- Office.

(ii)        The top line in the above example is the header line. It is like the name of the columns in a table. In the example above, the first column name is Obj-Class, which denotes the type of objects in that column, e.g. mailboxes, distribution lists, etc. the remaining headers are self-explanatory. The lines following the header line are the exchange recipient objects and their properties. In below mention Table, we placed the export file into a table format.

Obj-Class	Display Names	Alias Name	Home server	Telephone Official
Mail box	Mike Andrews	M Andrews	Education Server	201-555-6161
Mailbox	Sally Jones	S Jones	Education Server	201-555

Using Directory Import        Before you import this file back into the   exchange Directory, edit the file to reflect the changes you want. First edit the header  line to inform the import process how to process the file. This is done by adding the   word ‘Mode’ to the header line; then on each line containing an object(i.e. Mailbox, Mike Andrews, etc.), place the mode that will be used for that line. The options for  the Mode field are: create, delete and modify. The header line for our example would then look like :-

(i)         Obj –Class, Mode, Display Name, Alias Name, Home server, Telephone – Official

(ii)        We would also insert the word ‘modify’ as a new second field        for each object that we want modified. That would look like

(iii)       Mailbox, modify, Mike Andrews, M Andrews, Education Server, 201-555-6161

 (iv)       The final edit is to use a search and replace tool to change the current area code from 201 to the new number, for example, 212. this change, plus our earlier edits, are listed below :-

(aa)   Obj – Class, Mode, Display Name, Alias Name, Home server, Telephone – Official

(ab)  Mailbox, modify, Mike Andrews, M Andrews, Education Server, 212-555-6161

(ac) Mailbox, modify, Sally Jones, S Jones, Education Server, 212-555-6161 

CREATING AND MANAGING RECIPIENTS IN MS SERVER

1.         Creating Recipient Containers.

(a)        Mailboxes. A mailbox is a storage location on a Microsoft exchange server that, along with a client program, allows information to be sent, received and organized. E-mail messages, forms and file attachments are some of the typical types of information that can be sent to and stored in a mail box.

(b)        Distribution list (DL). A distribution list is a grouping of recipients. A single DL can represent a number of other recipients. Using DLs makes mass mailing easy. A message sent to a DL can be ready by all the members of that DL.

(c)        Custom recipients. A custom recipient is an e-mail address to a non –exchange e-mail user. By using custom recipients, exchange users can see a directory listing of non-exchange mail users and send them messages (The necessary connector components and other software must be in place.)

(d)       Public folders. A public folder is like a public mailbox. It is a container for information to be shared among a group of people. Public folders can contain e-mail messages, forms, word processing documents, spreadsheet files and files of many other formats. Public folders can also be configured to send information to other recipients.

2.         Creating Mailboxes.              The vast majority, if not all, of your users are going to need a mailbox. Mailboxes must be created before any exchange client software can be used. The following programs can be used to create and configure a mailbox :-

            (a)   Microsoft Exchange Administrator program

            (b)   Microsoft Windows NT User Manager for Domains program

            (c)   Microsoft exchange extracts and import tools

3.         Creating Mailboxes using Win NT User Manager for Domain.

(a)        Start the User Manager for Domains program by clicking on Start >Programs> Administrative Tools > User Manager for domains.

(b)        While in User Manager for Domains, click on User > New User. The New User dialog box will appear, giving you the ability to input the information you want associated with this new user.

(c)        While in User manager for Domains, click on User > New User. The New User dialog box will appear, giving you’re the ability to input the information you want associated with this new user.

(d)       The only field that requires information is the Username field. Enter the name John A. In the Full Name field, enter the name John Adams. Enter any other information you would like in any of the other fields

(e)        Click Add. The next dialog box you will see will be labeled “John A properties.” This is the exchange properties page for a mailbox for the user John A.

(f)        Enter John in the First name field and Adams in the Last name field. Notice the Primary Windows NT Account that will be associated with this mailbox, John A. Enter any other information you would like in any of the other fields or property taps.

(g)        Click OK. You will then be taken back to User Manager for Domains for the creation of any additional user accounts. In preparation for future exercises, create two additional users called Thomas Jefferson and James Madison. Using the same naming conventions (Thomas and James M), create mailboxes for both users. When you are finished click Close.

(h)   Go to the Microsoft exchange Administrator program and examine the John A mailbox.

4.         Creating Mailboxes Using Administrator Program.

(a)        Highlight the Recipients container in the left pane.

(b)        Select file menu > New mailbox. A properties window will appear with a number of property tabs relating to a mailbox.

(c)        On the property tab that is open, the General tab, locate the name area of the page and enter the name George in the First field. In the Last field enter the name Washington. Notice that the Display field and the Alias field are automatically completed.

(d)       You may enter information into the Address fields (such as City : Mount Vernon and State : Virginia) and into the Title field (such as President).

(e)        Click the Primary Windows NT Account button. A window labeled “Primary Windows NT Account” will appear. Two radio buttons will be on this window. Select the second radio button, labeled “Create a New Windows NT Account”. Then click OK. Another dialog box, labeled “Create Windows NT Account”, will appear. Select the NT domain in which you want to create this new account. Then, if you like, you may edit the Account Name that has been generated automatically for you (which in this case is GeorgeW). When you are finished, click OK. A dialog box labeled “Microsoft exchange Administrator” will appear stating “The password for the Windows NT Account you just created was given a blank password. The user will be required to change the password upon first logon.” After reading the message, click OK.

(f)        You may click on the Organization tab and the Phone/Notes tab. Feel free to enter any information you like.

(g)        Click on the Permissions tab to view the accounts that have permissions to this mailbox. You will see that your site service account has inherited the role of Service Account Admin. and the George W has the permissions associated with the User role.

(h)        Click on the E-mail Address tab to view the non – exchange address that the System Attendant automatically generates for each exchange recipient.

5.         Creating Mailboxes Using Extract and Import.

                        (a)        Extract  

(i)         While in the Microsoft exchange Administrator program, click on tools > Extract Windows NT Account List. Windows NT User Extraction screen will appear.

(ii)   Choose the domain and domain controller from which you want to extract user accounts.

(iii)   Click OK. The extraction will now take place. If it is successful, you will see an information dialog box labeled “NT User Extractor Complete” and stating “Extraction of Windows NT user account information to the file C:\exchsrvr\bin\exercise.csv is complete. No errors were encountered.” Click OK

(iv)   Click Browse. In the File name field, you must enter a file name for the information that will be extracted. Choose the file name exercise. CSV.  Click Save.

(b)        Import  

(i)   While in the Microsoft exchange Administrator program, click on Tools > Directory import. The Directory import dialog box will appear.

(ii)   Choose the domain that you chose in Extracting User Information in Preparation for Creating a Mailbox.

(iii)   Click import File. This will enable you to choose the extraction file that has the information you want to import. Choose the exercise. CSV file and the click Open.

MS EXCHANGE SERVER

1.         Introduction.

(a)        Exchange Server allows you to thoroughly pick and choose which servers   will perform which tasks.  You’re provided with heavy–duty granularity in the way     that you design your e-mail databases, where you put your databases,  which servers            do which tasks, and so forth.  Assay the existing messaging environment to see if          you can discover which servers perform the following functions :

(i)   Mailbox server

(ii)   Public Folder Server

(iii)   Connector Server

(iv)   Site Connector Server

                                  (v)   Third Party Connectors.

(a)                Microsoft Exchange is a client/server enterprise messaging product. “OK”,

but what is a client/server enterprise messaging product.

2.         Client/Server Massaging Service.

(a)        An enterprise needs information in order to get work done. Information is its oxygen. Frequently information is the work and the product ( for example, a consulting company). In this context electronic messaging has become a mission-critical function in most organizations. While electronic mail (e-mail) is still the core ingredient, other applications are now included in this category. The category of messaging can be divided into the following sub categories :-

(i)   E – mail

(ii)   Workflow

(iii)   Electronic Forms

(iv)   Groupware

(v)   Other Messaging applications.

(b)        Exchange is a client/server messaging system. The Exchange Server            software runs as a on application on a Windows NT Server. It provides server side           messaging functions for the client applications. Exchange also ships with the client    applications noted earlier in this chapter. These programs, along with third-party    applications like Web browsers, provide the client side functions such as making    requests to the server and creating and manipulating data.

3.         Core Components.         The exchange components are executable programs that perform the Exchange functions. Some are in the form of exe files, others are in the form of Dynamic Link Libraries (DLLs). They are referred to as core components because they are necessary for Exchange to be operational. They are also referred to as services, because they run as services on the Microsoft Windows NT Server operating system. The core components include the following :-

(a)        Directory Service (DS).         Its post Office Service is “Creation of a Comprehensive Address Book.

(b)        Information Store (IS).          Its post Office Service is “Storage and delivery of Mail.

(c)        Message Transfer Agent (MTA).    Its post Office Service is “Routing decisions for mail to be sent between post offices.

(d)       System Attendant (SA).             Its post Office Service is   “Creation of a             Comprehensive Address Book.

4.         Types of Recipient Objects.

(a)        Mailboxes.

(b)        Distribution list (DL).

(c)        Custom recipients.

(d)       Public folders.

What is WWW (World Wide Web)?

(a)        WWW or W3 stands for the World Wide Web. The World Wide Web is an  information retrieval system based on a set of inter-linked hypertext documents             residing on HTTP servers all over the world.

            (b)        Hypertext Transfer Protocol (HTTP) is the protocol used on the World Wide Web to transport web pages and the data associated with them. A URL that begins

with httpretrieves a web page specified by the URL. For example, http://www.vispl.com is the World Wide Web address of VISPL.

            (c)        Tim Berners-Lee developed W3 in 1989 for the European Laboratory for   Particle                   Physics (CERN).

(d)       Hypertext words or areas on the screen are expandable, leading to more details about a subject. WWW hypertext documents contain embedded links to information spread throughout the world. As one link is selected and then another and another, a web of interrelated information gets built.

            (e)        The W3 uses Client-Server technology. Web servers distributed throughout the                       Internet, store hypertext documents, which contain links to additional Internet   resources. A             Client program, called a Web browser, downloads Web documents as   well as the codes                  required for accessing any links that appear in the document.

1.         File Transfer Protocol (FTP)              FTP was designed to move files between two computers on a TCP/IP network. IIS supports FTP through Windows Sockets. FTP uses TCP as its transport protocol for all communication and data exchanges between the client and the server. However, IIS communicates with Windows Sockets, and then Windows Sockets interfaces with TCP.

2.         Methods of Communicating on Net                 There are different "types of communication" available to Internet user with Internet account. They are :-

(a)   Electronic Mail (E-mail)

(b)   Newsgroups

(c)   Telnet  

Electronic Mail          It let's you send messages, documents, even voice and video to people, anywhere in the world. Many businesses are finding that E-mail is becoming more important than the Fax for them to stay in contact with their customers.

Newsgroups        They operate as Electronic Message Boards and discussion groups. Although they do not really contain news, newsgroup information on almost any subject.

Telnet          It is an Internet exploration tool that allows your computer to connect to another Network for remote terminal connection. By providing terminal emulation via TCP , it allows a user of one host to log in to a remote host and interact as a normal user there. It is widely used to access databases and explore public access computer systems.

3.         Dial-up Networking

(a)        Dial-up networking is a Win-98 component that allows connecting, to a      network by using modem.

(b)        To Install Dial-Up Networking, follow the steps-

(i)   On your desktop click the Start button; go to Settings and then Control Panel.

    

(ii)   In the Control Panel dialog box, select Add Remove Programs icon.

(aa)     In Add Remove Programs PropertiesDialog Box, choose Windows Setup Tab and then Communications option.

(ab)    Make sure that Dial-Up-Networking option is checked in the Communications box.

(c)   Click Apply to add the Dial-up Component.

4.         World Wide Web      The Internet is a global "Network of Networks". It is a massive collection of Computers that connects millions of Computers, People, Software Programs, Databases and Files

5.         Uses of WWW           Like many Internet tools, the WWW uses Client/Server Architecture Web servers distributed throughout the Internet store Hypertext documents, which contain links to additional Internet resources. A client program, called a Web Browser,  downloading Web documents, as well as the codes required accessing any links that appear in the document.

6.         Advantages of World Wide Web Include

(a)        A link in a Web Document can be used to open other documents.

(b)        Web Pages can contain pictures, buttons and even links to sound files, in addition to text, thus allowing Multimedia applications.

(c)        Sophisticated Web Documents allow the user to interact with the applications        through Dialog Boxes and Forms.

7.       WWW Browsers.

(a)        Web Browsers are Software Packages that display Web page containing Text, Graphics, Audio and Video files and links to various other pages, and makes the connection necessary to follow Hypertext Links.

(b)        The information returned using Browsers can be incorporated document or can be                 saved as files.

(c)        The best browsers have additional features that save time and make it         easier to                navigate and use the resources of the web.

8.       Browsers.

(a)        Graphic Oriented    Graphical browsers display images, as well as text, and offer Hyperlinks to multimedia resources, including sound and video files. For Example- Netscape Navigator , Internet Exp lorer , Mosaic, Eudora.

            (b)        Text-Oriented       Text oriented browsers enables us to follow web            Hypertext               links but do not display non-text web resources. For Example-Linux

9.       Browser plug-Ins.

(a)        Browser is capable of retrieving and displaying information in a variety of text and                  graphic formats. However the Internet’s Web servers may contain a wide      variety of file                   formats that are beyond a browser’s ability to handle. 

            (b)        There are two ways a browser can be modified to handle these diverse file                              formats

(i)   Helper Applications     It works as a distinct application, separate from           the              Browser.

            (ii)   Plug-In Application    Plug-in application actually expands the                                           functionality of the browser software as required to handle a particular file.

Internet

1.         Introduction

(a)        Internet is a worldwide collection of computers, networks and gateways . It consists of millions of computers connected to each other through telephone lines, fiber optics, satellite links or other communication lines. Each of these computers contains information that can be accessed by anybody with the right kind of equipment.

(b)        Once connected to the Net, you become a part of a community of millions who use computers to communicate with one another and share ideas and information.

(c)        Computers use protocols to communicate with one another. At the heart of the Internet are high-speed data Communications lines between major host computers, consisting of thousands of commercial, government, educational, and other computer systems that route data and messages.

(d)       Internet offers a range of benefits to users, such as E-Mail, Downloads,                                       Information, Products, Services and much more.

2.         Browsers

(a)    A browser is a client application used to access the information on the World Wide Web. The browser interprets the markup of files in HTML, formats them into Web Pages and displays them to the user. It also makes the connection necessary to follow Hypertext Links. These links bring you information from Web servers and other types of resources, which may be located anywhere on the Internet.

(b)    Browsers are either Graphical or Text oriented. The Graphical browsers display images, as well as text, and offer Hyperlinks to multimedia resources, including sound and video files.

(c)    The Text oriented browsers like the Lynx enables you to follow web hypertext links but do not display non-text web resources.

(d)    The best browsers have additional features that save time and make it easier to navigate and use the resources of the web. Look for one that is Forms capable and has some timesaving features. The most popular browsers available today are the Netscape Navigator and Microsoft Internet Explorer

Viruses, Trojans, Worms & Types

 Virus 
           

(a)        A Computer virus is a software program designed to function in a manner diametrically opposed to legitimate software.

(b)        It will load and run without a request. To meet the minimum criteria for computer virus design, a program must be executable, be capable of cloning itself and converting other executable objects into viral clones. Hence, it may be a simple DOS batch file.

Types of Virus           There are six types of Computer viruses

                (a)    Boot Sector Infectors (BSI)  
                (b)    Command Processor Infectors (CPI) 
                (c)    General Purpose Infectors (GPI)       
                (d)   Multipurpose Infectors (MPI)
                (e)    File specific Infectors (FSI)   
                (f)    Memory Resident Infectors (MRI).

Boot Sector Infectors            Computer viruses that specialize in altering data in the master boot sector are called BSIs. They are loaded immediately upon system start up, before the command processor loads and of course before any anti-viral program can be loaded 

Command Processor Infectors        CPIs affect the hidden files as well as the command processor the COMMAND.COM file. These viruses have the advantage of examine a large majority of the interaction between the user and the computer.

General Purpose Infectors        GPIs are designed for the broadest range of infections compatibility. They infect any or particular executable files. They adapt well to most executable file formats, moving quickly among files

Multi Purpose Infectors         MPIs are designed to combine some or all the infectious tributes of the BSIs, CPIs and the GPIs. They are a potent, adaptable and deadly combination of computer virus technologies.

File specific Infectors            FSIs target a fixed number and fixed type of files. FSIs are viral cruise missiles, programmed to seek out and destroy the intended target files and property.

Memory Resident Infectors        MRIs could be boot sector or command processor infectors. They are always loaded and active. 

How a Proxy Passes Traffic, Stateful inspection, Interfaces & Address Translation

How a Proxy Passes Traffic.

(a)        Unlike its packet-filtering counterparts, a proxy does not route any traffic. In fact, a properly configured proxy will have all routing functionality disabled. As its name implies, the proxy stands in or speaks for each system on each side of the firewall.

(b)       For an analogy, think of two people speaking through a language interpreter. While it is true these two people are carrying on a conversation, they never actually speak to one another.

(c)        All communication passes through the interpreter before being passed on to the other party. The interpreter might have to clean up some of the language used, or filter out comments or statements that might seem hostile. To see how this relates to network communications, refer to Figures.

(d)      Our internal host wishes to request a Web page from the remote server. It formulates the request and transmits the information to the gateway leading to the remote network, which in this case is the proxy server.

(e)        Stateful inspection of an application is unique for each application. Any non-predicted ports used by an application are validated and allowed through the firewall using stateful inspection. The following applications are inspected.

(f)        Connections are not only applied to an ACL, but are logged into a state table.

(g)        After a connection is established, all session data is compared to state table.

(i)         FTP

(ii)        TFTP

(iii)       RCMD

(iv)       SQLNETe.

(v)        VDOLive

(vi)       RealAudio.

(aa)      Connections are not only applied to an ACL, but are logged into a state table.

(ab)      After a connection is established, all session data is compared          to state table.

  Stateful inspection    

(a)        Some protocols are difficult to allow through a firewall securely using traditional filtering mechanisms. In FTP, for example, the control connection is typically created using a known port, but the data connection is over a random port. To allow an FTP data connection through a firewall without leaving a large number of open ports requires stateful inspection: packets are inspected at the application layer to determine which port the data connection is using. Traffic on that port can then be allowed to pass through the firewall for the duration of the FTP session.

(b)        Transport-level state inspection provides a number of ways to make TCP traffic more secure and more difficult for hackers to intercept. Stateful inspection of TCP consists of verifying the consistency of the TCP header as well as preventing

some well-known TCP attacks.

            (c)        Any non-predicted ports used by an application are validated and allowed             through the firewall using stateful inspection. The applications inspected are : FTP,       TFTP, RCMD, SQLNET, VDO Live and Real Audio.

 Interfaces      

(a)        The Secure IP Services Gateway can have many interfaces. Each tunnel (end user or branch office) is a virtual interface, and all gateways have two or more physical interfaces. Packets can be classified by the interface on which they arrive at the source interface or the interface on which they leave the (the destination interface).

(b)        The rules in a policy can be constructed to either use or ignore this classification. If the rule designates “Any” as an interface, the rule ignores this classification. If the rule designates an interface or group of interfaces, the rule uses this classification.

(c)        The rules in any policy can use the following terms to designate an interface:-

(i)         Any                 –          Any physical interface or tunnel.
(ii)        Trusted            –          Any private physical interface or tunnel.
(iii)       Untrusted        –          Any public physical interface.
(iv)       Tunnel             –          Any tunnel.

 Address Translation            When an IP address is converted from one value to another, it is called address translation. This feature has been implemented in most firewall products and is typically used when you do not wish to let remote systems know the true IP address of your internal systems.

Destination IP                         -           206.121.73.5  
Source port                  -          1058
Destination port          -           80

Address translation  
Source IP                    -           192.168.1.50  
Destination IP             -           206.121.73.5  
Sourceport                   -           1037
Destination port          -           80