Solved

One of my Win2K server is being exploited

Posted on 2011-03-05
3
335 Views
Last Modified: 2012-05-11
I have an old w2k server that I have custom code on, that will not work on the newer OS's so, the server can't be upgraded, and I have maybe 5 independent companies working on multiple servers including this one on various projects.

Here is the problem, after a ton of implementation costs to upgrading the entire environment to be PCI compliant, I now have someone rewriting the credit card numbers back into our database, and several other reoccurring PCI violation exploits. Its not a bug it is very intentional but, by whom.

I'm afraid I have ticked off one of the consultants and he/she is looking to turn us in, so we take the massive hit from storing cc # in an non PCI compliant environment.

I need to track all interaction changes in/on a windows server 2000 (standard edition) in regards to custom jsp pages. I haven't been able to find anything that works in W2k environment, as far as intrusion detection or even access tracking. "Spector Pro Server"  unfortunately only works in a windows server 2003 (and up) environment.

Any suggestions? I am recreating the entire functionality in a private cloud but, I am absolutely not ready to bring it live.

Thanks for the input.
0
Comment
Question by:tra-mis
  • 2
3 Comments
 
LVL 15

Accepted Solution

by:
Russell_Venable earned 500 total points
ID: 35046668
0
 

Author Closing Comment

by:tra-mis
ID: 35046676
Thank you very much for you help!
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 35048136
Np.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Back in July, I blogged about how Microsoft's new server pricing model, combined with the end of the Small Business Server package, would result in significant cost increases for many small businesses (see SBS End of Life: Microsoft Punishes Small B…
I have put this article together as i needed to get all the information that might be available already into one general document that could be referenced once without searching the Internet for the different pieces. I have had a few issues where…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question