[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

cant access server shares after being hacked

Posted on 2014-01-14
3
Medium Priority
?
311 Views
Last Modified: 2014-01-14
looks like one of my servers was hacked and has been used to mine bit coins..

this has all been cleaned up but the problem Im having is I cant \\servername or \\ipaddress to the server shares on the sbs2011 server.

(I can \\servername on the server itself and it works fine )

when I try from a windows 7 pc I get windows cannot access \\servername when I do the diagnostics the problem found says  the remote device or resource won't accept the connection.

on the windows 7 pc I can ping the server fine with either the server name or the ip address.

anyone got any ideas???

Thanks in advance
0
Comment
Question by:ibexsystems
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 22

Accepted Solution

by:
David Atkin earned 1500 total points
ID: 39779691
How was the server cleaned after the hack?

Also, was the hack an issue with Cryptoblock (or something similar) on a networked PC or an actual security breach?

I'd start by checking all auto services to make sure that they are started. Please check and report back.

Check Share and Security permissions.

Check free disk space.
0
 
LVL 2

Author Comment

by:ibexsystems
ID: 39779910
I removed the program bath files and vb scripts

checked the batch files and vb scripts before removing them deleted the registry entries that the vb script and batch files made..

deleted the users that where created and transposed the rdp port to make it a little more difficult to access

also changed all passwords on the server...

all the automatic services seem to be starting fine so does the share and security permissions.

as I said above the server can access to shares on itself.

*** looks like it was a problem with Sophos and the built in firewall has gone crazy re rolled out the Sophos client and it working fine now..
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39779950
Good catch.

Thanks for letting us know.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question