Mar 12 2021 05:20 PM
We have Exchange Server 2013 on a Windows 2012 R2 server running but we no longer use the exchange software for email--the services are still running however. We still need the server for other reasons (DC) and do not want it compromised by Hafnium. What services can we disable to protect the server?
Mar 13 2021 03:24 AM
Hi @SOS4SOS ,
Note: This is not the best practice to keep DC and exchange on the same server.
If the exchange service is completely blocked from the internet, it’s basically safe. But Microsoft still suggests doing the patching ASAP.
I will suggest stopping all the Exchange services and DISABLED them permanently to avoid any risk in the future.
Thank you,
Regards,
MD
please do like and share this post, if my answer resolved your issue..
Mar 13 2021 04:41 AM - edited Mar 13 2021 04:42 AM
Hi @MDadarkar ,
Thank you for the reply. Yes we migrated the mailboxes to Exchange online over 2 years ago, but kept exchange services running. Do you mean that by disabling the Exchange Services it is blocked from Internet or is there an additional way to block exchange from Internet-like a port or something? And is there a particular order to disabling services-there are many!
Thank you.
Mar 13 2021 06:23 AM
Hi @SOS4SOS ,
I hope this is informative.
Thank you,
Regards,
MD
Mar 13 2021 07:01 AM
Mar 13 2021 07:15 AM
Hi @SOS4SOS ,
Do you have a Hybrid configuration??
Please go through with the below link.
I hope this is informative..
Mar 13 2021 07:32 AM