Good day everyone,
After patching one of our 32 bit Win2K3 Terminal server servers on Wednesday it became inaccessible.
We also had a connectivity issue which was a red herring as I followed up on problems on that service but eventually that lead nowhere.
I finally determined that the terminal server service had somehow moved to port 4490 – I looked into the registry and found the oddity.
Have we been hacked?
What could cause this?
Is there a way to trace what happened / when it happened?
Thanks in advance and,