Link to home
Start Free TrialLog in
Avatar of Zolf
ZolfFlag for United Arab Emirates

asked on

Have I been hacked


Hello there,

I have a server on which I have my setup software which I have implemented and today morning the users called me saying they could not access my software which was weird for me. my users RDP my server to use my application. my server is HP Proliant with ILO2.i logged in via ILO2 and i came to know that my sever was switched off.then when i went to the log information of the ILO2 i saw at around 4 am my server was powered off. I then powered my server and all was fine now.then i logged into my server 2003 server and checked its event viewer log and there i saw some anaonynous login,which i am not sure what it is.can somebody please help me figure it out.i have attached my ILO2 and msserver 2003 log.

cheers
zolf
Avatar of Zolf
Zolf
Flag of United Arab Emirates image

ASKER

ASKER CERTIFIED SOLUTION
Avatar of arsaif
arsaif
Flag of United Arab Emirates image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Zolf

ASKER

>> If the machine was shut down deliberately, then the system log will have a record of which account issued the shutdown request.

were can i find this please

>>Do you have dual redundant PSUs? You may have a faulty PSU.

yes,but both are working fine
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Zolf

ASKER

thanks