Solved

IIS5.0  hacked

Posted on 2006-07-05
6
236 Views
Last Modified: 2013-12-04
Our IIS5.0 running on 2000serversp4 was hacked. The hackers put a d.text file in and overwrote the html files of each domain names.
It says you've been hacked by cyberlords-Islam.. then a file says it ownz ,,,,
we have applied fixes problem still there. HOw can we restore the files?
thx
0
Comment
Question by:ungeek
  • 2
6 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 17051772

Restore them from a backup or replace them from the original site files which presumably someone has.

Chris
0
 

Author Comment

by:ungeek
ID: 17052139
Backup was comprised and the client didn't save site files.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 17052415

Hmm... Undelete type tools may help depending on how the files were replaced (that is, modified or replaced). It may be worth a try. It's pretty much all that's left really. Clients really really should maintain full copies of their sites, hosting a site is always a risk no matter how up to date and secure the platform is.

Chris

0
 
LVL 32

Assisted Solution

by:r-k
r-k earned 250 total points
ID: 17063750
Try GetDataBack (http://www.runtime.org/gdb.htm)
The free demo version will at least tell you what can be recovered.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Change Polcy settings to defaults 7 90
Updating clients Trend Micro (OfficeScan) Console 5 99
Forensic audit of SBS 2008 3 91
Using cipher to decrypt files. 4 79
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question