Find Out If Windows Server System Hacked / Cracked Or Not

Some time my work force me to do detective work on MS-Windows boxes. Just like Linux / UNIX / BSD system , Windows machines get *owned* a lot. Recently while searching for information I came across couple of nice built-in windows command line security tools to determine if a system has been hacked cracked.

ADVERTISEMENTS

Fortunately, Microsoft has built numerous tools into Windows so administrators and power users can analyze a machine to determine whether it’s been compromised. In this tip, which is the first of a two-part series, Author has covered five useful command-line tools built into Windows for such analysis.

=> Built-in Windows commands to determine if a system has been hacked : Part I and Part II

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
4 comments… add one
  • akim Jun 20, 2008 @ 22:00

    Blah who has time for all that. Find a dedicated managed server. I run with Server Intellect fully managed. They run full scans for me each month. One less thing I have to worry scan for. Spend more time being productive and less time chasing down wanna be hacker kiddies.

  • henrik Sep 6, 2008 @ 8:30

    … seriously?

    Every month?

    What, so if you got compromised, that’s no problem, because you’ll find out like 4 weeks later.

    Meanwhile some dude in Belarus has all your customer data, credit cards, etc

    …or do you work for Server Intellect?

  • henrik Sep 6, 2008 @ 8:33

    (Incidentally that’s not a jab at Server Intellect, I’m not familiar with them and they’re probably fantastic for all I know)

    btw Great articles, though they would have been better if they pointed out which command line tools were more useful than others at spotting common cloaked rootkits..

  • akim Sep 22, 2008 @ 17:27

    Henrick I think your missing the point, I have someone who runs scans for me. I still continue to monitor and run scans myself but I have a third party also reviewing and watching my server and updating it if I dont get the chance to right away. Plus if I do get rooted, I have some support to back me up and resolve issues. Most people that run their own servers wouldn’t know a root kit if it bit them in the ass. I dont always have time to read the newest rootkit, or patch needed to protect my server from being rooted. Also if I had Customer CC and data It wouldn’t be in clear text=)

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.