crp0499
asked on
Have I been hacked?
so, all weekend, I've been using RDP to access this remote server. my settings (domainname\username and password) are saved so that when I hit connect, I log right in.
when I log in, I get the local physical host, and i go to hyper-v to manage my virtual server.
so, this morning, I can't log in. my local username/password combo, the one I've been using all weekend, doesn't work.
when my local tech attempts to log in, he only has two usernames to choose from. one is administrator and the other if office$
the office$ is unknown to me.
so, I think I've been hacked. the password for administrator would not have been difficult to guess.
so, I'm going to boot with the NT crack utility, reset the local administrator password, and then try again.
thoughts?
thanks
cliff
when I log in, I get the local physical host, and i go to hyper-v to manage my virtual server.
so, this morning, I can't log in. my local username/password combo, the one I've been using all weekend, doesn't work.
when my local tech attempts to log in, he only has two usernames to choose from. one is administrator and the other if office$
the office$ is unknown to me.
so, I think I've been hacked. the password for administrator would not have been difficult to guess.
so, I'm going to boot with the NT crack utility, reset the local administrator password, and then try again.
thoughts?
thanks
cliff
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It's the local UN/PW on that physical host that has been hacked I think.
From there, you can load hyper-v and see the on VM I have on there.
at present, the local VM is good to go.
there is nothing on the local box at all so it seems that if my UN/PW has been changed, it was just a nusiance thing since the router config is unchanged.