Zolf
asked on
Have I been hacked
Hello there,
I have a server on which I have my setup software which I have implemented and today morning the users called me saying they could not access my software which was weird for me. my users RDP my server to use my application. my server is HP Proliant with ILO2.i logged in via ILO2 and i came to know that my sever was switched off.then when i went to the log information of the ILO2 i saw at around 4 am my server was powered off. I then powered my server and all was fine now.then i logged into my server 2003 server and checked its event viewer log and there i saw some anaonynous login,which i am not sure what it is.can somebody please help me figure it out.i have attached my ILO2 and msserver 2003 log.
cheers
zolf
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
>> If the machine was shut down deliberately, then the system log will have a record of which account issued the shutdown request.
were can i find this please
>>Do you have dual redundant PSUs? You may have a faulty PSU.
yes,but both are working fine
were can i find this please
>>Do you have dual redundant PSUs? You may have a faulty PSU.
yes,but both are working fine
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks
ASKER
12-04-2011-09-16-52.gif
12-04-2011-09-27-16.gif