Find Out If Windows Server System Hacked / Cracked Or Not

by on May 29, 2008 · 4 comments· LAST UPDATED May 29, 2008

in , ,

Some time my work force me to do detective work on MS-Windows boxes. Just like Linux / UNIX / BSD system , Windows machines get *owned* a lot. Recently while searching for information I came across couple of nice built-in windows command line security tools to determine if a system has been hacked cracked.

Fortunately, Microsoft has built numerous tools into Windows so administrators and power users can analyze a machine to determine whether it's been compromised. In this tip, which is the first of a two-part series, Author has covered five useful command-line tools built into Windows for such analysis.

=> Built-in Windows commands to determine if a system has been hacked : Part I and Part II

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 4 comments… read them below or add one }

1 akim June 20, 2008 at 10:00 pm

Blah who has time for all that. Find a dedicated managed server. I run with Server Intellect fully managed. They run full scans for me each month. One less thing I have to worry scan for. Spend more time being productive and less time chasing down wanna be hacker kiddies.

Reply

2 henrik September 6, 2008 at 8:30 am

… seriously?

Every month?

What, so if you got compromised, that’s no problem, because you’ll find out like 4 weeks later.

Meanwhile some dude in Belarus has all your customer data, credit cards, etc

…or do you work for Server Intellect?

Reply

3 henrik September 6, 2008 at 8:33 am

(Incidentally that’s not a jab at Server Intellect, I’m not familiar with them and they’re probably fantastic for all I know)

btw Great articles, though they would have been better if they pointed out which command line tools were more useful than others at spotting common cloaked rootkits..

Reply

4 akim September 22, 2008 at 5:27 pm

Henrick I think your missing the point, I have someone who runs scans for me. I still continue to monitor and run scans myself but I have a third party also reviewing and watching my server and updating it if I dont get the chance to right away. Plus if I do get rooted, I have some support to back me up and resolve issues. Most people that run their own servers wouldn’t know a root kit if it bit them in the ass. I dont always have time to read the newest rootkit, or patch needed to protect my server from being rooted. Also if I had Customer CC and data It wouldn’t be in clear text=)

Reply

Leave a Comment

Tagged as: , , , , , , ,

Previous post:

Next post: