Evaluate your Exchange 2000 application level security.

Application level security is all about having the latest patches applied to your Exchange 2000 server. It's half the security battle, with the other half being configuration. Most of the responsibility for application level security is Microsoft's, all you have to do is apply the patches. But with a never ending stream of patches that sometimes isn't the easiest job, especially if you are inheriting the server from another admin. So here are three tools to help you maintain your application security:

Symantec Security Check
An easy way to evaluate your risks. It's not all inclusive but it will point out glaring security holes. Try running this free symantec tool from the Exchange server and other nodes in your network.

http://security1.norton.com/ssc/home.asp?j=1&langid=us&venid=sym&plfid=22&pkj=PGDDVYRMHCGVRVRMNRY


Microsoft Network Security Hotfix Checker
Do you have all the latest patches? This tool can help:

http://www.microsoft.com/downloads/release.asp?releaseid=31154


Microsoft Product Security Notification Service
If you are an admin for any Microsoft product you need to be on this list. Send an email to subscribe to the Service by following these steps (from MS website):

Send an e-mail to securbas@microsoft.com. The subject line and the message body are not used to process the subscription request, and can be anything you like.

Send the e-mail.

You'll receive a response, asking you to verify that you really want to subscribe. Compose a reply, and put "OK" in the message body. (Without the quotes). Send the reply.
You'll receive two e-mails, one telling you that you've been added to the subscriber list, and the other with more information on the notification the service and its purpose. You'll receive security notifications whenever we send them.