[ snip ]
Quote:>1. Can somebody take over my my machine or cause any problems by going in
>through port 135 (since it will be open on the router)?
There is always the risk of attack when exposing an unprotected port
to the Internet. The primary risk with port 135 is from a DoS attack
(Denial of Service). Other risks are the use of your port 135 to
discover the OTHER ports that are operating on your system using other
"well known" services (WINS, DNS, etc) that use RPCs.
Quote:>2. How can I protect my password? When I connect to my Exchange server,
>aren't I sending my username and password for authentication by the Exchange
>server? The UNIX sys admins at work say that NT encryption isn't very good
>and they don't feel safe having that information so unproctected.
You're never sending your password when you use RPC. You send a _hash_
of your password that is used to request authentication.
If you use NT and have no Win95 or Win98 clients you can use the NTCR
and disable the use of the weaker NTLM authentication. If you use NTLM
and passwords longer than 7 chanracters, but less than 14 characters,
you do offer an attacker a better opportunity to "crack" your
password. The solution is to use 7 or 14 character passwords. Better
yet, lose the insecure clients.
To reduce the risk further, enforce the use of strong passwords and
shorten the time before a password expires. How long? That depends on
the strength of the passwords and the importance of your data.
MCSE, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm