Win2k machine hacked with Serv-U FTP etc
- From: "JM" <jm@xxxxxxxxx>
- Date: Mon, 29 May 2006 15:32:32 GMT
My father's Win2k machine has been hacked. Saturday he called me in a
panic, and when I got to his house I could see why. There were windows
opened all over his desktop (I will upload screenshots to my web server if
it will help), a command window starting the Serv-U FTP service and checking
ipconfig settings, a web browser opened to his router with a service started
on port 333, a shortcut to an app, and the 2000 services and computer
mngment window.
I'm not familiar enough with 2000 to know how to investigate exactly what
happened. What I'm more interested in is where to go from here. My gut
tells me to immediately backup all his important files, reformat, reinstall,
and set him up with improved security measures. I also think a call to his
cc companies are in order, as well as changing all passwords to all
accounts, websites, etc.
What were the hacker's main purpose?
Please advise me in other ways. I'm not interested in finding fault with
how he had things set up, other than to learn from his mistakes. While he's
not a computer expert, he's not a newbie either.
thank you,
wjm
.
- Follow-Ups:
- Re: Win2k machine hacked with Serv-U FTP etc
- From: Roger Abell [MVP]
- Re: Win2k machine hacked with Serv-U FTP etc
- From: JM
- Re: Win2k machine hacked with Serv-U FTP etc
- Prev by Date: Re: Eventlog Errors ID 8 source KDC
- Next by Date: Re: Win2k machine hacked with Serv-U FTP etc
- Previous by thread: Re: User Accounts in Group not working
- Next by thread: Re: Win2k machine hacked with Serv-U FTP etc
- Index(es):
Relevant Pages
|
|
