crp0499

Have I been hacked?

So, all weekend, I've been using RDP to access this remote server.  My settings (domainname\username and password) are saved so that when I hit connect, I log right in.

When I log in, I get the local physical host, and I go to Hyper-V to manage my virtual server.

So, this morning, I can't log in.  My local username/password combo, the one I've been using all weekend, doesn't work.

When my local tech attempts to log in, he only has two usernames to choose from.  One is administrator and the other is office$.

The office$ is unknown to me.

So, I think I've been hacked.  The password for administrator would not have been difficult to guess.

So, I'm going to boot with the NT crack utility, reset the local administrator password, and then try again.

Thoughts?

Thanks

Cliff
Windows Server 2008, Security

Last Comment
crp0499

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
locomotiveDigital

crp0499

ASKER
When you RDP to 65.65.xx.xx, my public IP, you hit a physical host.  A Dell T710 to be exact.

It's the local UN/PW on that physical host that has been hacked, I think.

From there, you can load Hyper-V and see the one VM I have on there.

At present, the local VM is good to go.

There is nothing on the local box at all, so it seems that if my UN/PW has been changed, it was just a nuisance thing since the router config is unchanged.