<div>
When you RDP to 65.65.xx.xx, my public IP, you hit a physical host. &nbsp;A dell T710 to be exact. &nbsp;<br />
<br />
It's the local UN/PW on that physical host that has been hacked I think.<br />
<br />
From there, you can load hyper-v and see the on VM I have on there.<br />
<br />
at present, the local VM is good to go.<br />
<br />
there is nothing on the local box at all so it seems that if my UN/PW has been changed, it was just a nusiance thing since the router config is unchanged.
</div>


When you RDP to 65.65.xx.xx, my public IP, you hit a physical host.  A dell T710 to be exact.  

It's the local UN/PW on that physical host that has been hacked I think.

From there, you can load hyper-v and see the on VM I have on there.

at present, the local VM is good to go.

there is nothing on the local box at all so it seems that if my UN/PW has been changed, it was just a nusiance thing since the router config is unchanged.

<div>
<div class="content wysiwyg-content">
so, all weekend, I've been using RDP to access this remote server. &nbsp;my settings (domainname\username and password) are saved so that when I hit connect, I log right in.<br />
<br />
when I log in, I get the local physical host, and i go to hyper-v to manage my virtual server.<br />
<br />
so, this morning, I can't log in. &nbsp;my local username/password combo, the one I've been using all weekend, doesn't work.<br />
<br />
when my local tech attempts to log in, he only has two usernames to choose from. &nbsp;one is administrator and the other if office$<br />
<br />
the office$ is unknown to me.<br />
<br />
so, I think I've been hacked. &nbsp;the password for administrator would not have been difficult to guess.<br />
<br />
so, I'm going to boot with the NT crack utility, reset the local administrator password, and then try again.<br />
<br />
thoughts?<br />
<br />
thanks<br />
<br />
cliff
</div>
</div>


so, all weekend, I've been using RDP to access this remote server.  my settings (domainname\username and password) are saved so that when I hit connect, I log right in.

when I log in, I get the local physical host, and i go to hyper-v to manage my virtual server.

so, this morning, I can't log in.  my local username/password combo, the one I've been using all weekend, doesn't work.

when my local tech attempts to log in, he only has two usernames to choose from.  one is administrator and the other if office$

the office$ is unknown to me.

so, I think I've been hacked.  the password for administrator would not have been difficult to guess.

so, I'm going to boot with the NT crack utility, reset the local administrator password, and then try again.

thoughts?

thanks

cliff

Have I been hacked?

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.