One of my Win2K server is being exploited

I have an old w2k server that I have custom code on, that will not work on the newer OS's so, the server can't be upgraded, and I have maybe 5 independent companies working on multiple servers including this one on various projects.

Here is the problem, after a ton of implementation costs to upgrading the entire environment to be PCI compliant, I now have someone rewriting the credit card numbers back into our database, and several other reoccurring PCI violation exploits. Its not a bug it is very intentional but, by whom.

I'm afraid I have ticked off one of the consultants and he/she is looking to turn us in, so we take the massive hit from storing cc # in an non PCI compliant environment.

I need to track all interaction changes in/on a windows server 2000 (standard edition) in regards to custom jsp pages. I haven't been able to find anything that works in W2k environment, as far as intrusion detection or even access tracking. "Spector Pro Server"  unfortunately only works in a windows server 2003 (and up) environment.

Any suggestions? I am recreating the entire functionality in a private cloud but, I am absolutely not ready to bring it live.

Thanks for the input.
tra-misAsked:
Who is Participating?
 
tra-misAuthor Commented:
Thank you very much for you help!
0
 
Russell_VenableCommented:
Np.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.