Vijaya, I am not sure what country you are from but if your site has sustained monetary damages (traceable damages) of $1000.00 or more you should also report this to the FBI. Other than that, I would be very leery of using that windows server until it has been completely reformatted. Whether or not you go with Linux or back to Windows is up to your requirements. I know that I worked in a place that required we use a Win2K server for a web site and it eventually got hacked into by some Chinese group. The NSA has published an exhaustive booklet on hardening Win2K boxes and I would recommend downloading that PDF document and going through it...if you are planning on staying with Win2K. The biggest difference between the standard install of server 2K and Linux is that Windows defaults everything "ON" to make it easier to get up and running while Linux requires you to turn on what you need to get it running. The reason that I say you should not feel comfortable with that existing Win2K server is because you do not know if a root kit has been installed or your kernel modified. You don't know what hidden directories you may have on there. For all you know, your corporate server may be serving out illegal materials - i.e. child porn or warez software - or both. I would get another server in place ASAP and take that one down for careful analysis and choose my fate from there. A rash decision one way or the other may land you in a worse predicament down the road. Hope that helps. DF
On Thu, 2003-08-28 at 02:45, vijaya wrote: > Hi all, > I have a website running on windows 2000 and its being hacked ..some pages > have replaced..I ran a port scan from linux and saw few ports open.. > > What other measures should i take.. > > The website is on a remote server whcih has 2000 server installed > > Help pls > > Regards, > Vijaya > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
