Re: w2k server compromised
From: H C (keydet89@yahoo.com)
Date: 01/24/03
- Previous message: The Blueberry: "Re: Stopping Admin Alert SPAM"
- In reply to: Dan Uscatu: "w2k server compromised"
- Next in thread: Laura A. Robinson: "RE: w2k server compromised"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Jan 2003 17:31:34 -0800 (PST) From: H C <keydet89@yahoo.com> To: focus-ms@securityfocus.com
Dan,
Perhaps the more important question is...do you have
to export them at all? What is the system infected
with? Is it a SYSTEM-level infection? If not, you
may be able to clean the system, close the hole, and
not have to worry about it.
Drop me a line if you have some specific concerns.
Carv
--- Dan Uscatu <duscatu@lunatech.ro> wrote:
> hey all
>
> i just found one of the w2k servers to be infected
> and acting very
> strangely.
> unfortunately it is a domain controller and it has
> all the
> users/computers lists.
>
> how can i export these before reinstall in order to
> keep the exact same
> configuration (everything except passwords of
> course) ?
> i suppose this could be usefull to be done on a
> regular basis too...
>
> TIA
>
>
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
- Next message: Laura A. Robinson: "RE: w2k server compromised"
- Previous message: The Blueberry: "Re: Stopping Admin Alert SPAM"
- In reply to: Dan Uscatu: "w2k server compromised"
- Next in thread: Laura A. Robinson: "RE: w2k server compromised"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
