Find Out If Windows Server System Hacked / Cracked Or Not

last updated in Categories Hardware, Howto, Links, Networking, Security, Tips, Windows, Windows server, windows vista

Some time my work force me to do detective work on MS-Windows boxes. Just like Linux / UNIX / BSD system , Windows machines get *owned* a lot. Recently while searching for information I came across couple of nice built-in windows command line security tools to determine if a system has been hacked cracked.


Fortunately, Microsoft has built numerous tools into Windows so administrators and power users can analyze a machine to determine whether it’s been compromised. In this tip, which is the first of a two-part series, Author has covered five useful command-line tools built into Windows for such analysis.

=> Built-in Windows commands to determine if a system has been hacked : Part I and Part II

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.


4 comment

  1. Blah who has time for all that. Find a dedicated managed server. I run with Server Intellect fully managed. They run full scans for me each month. One less thing I have to worry scan for. Spend more time being productive and less time chasing down wanna be hacker kiddies.

  2. … seriously?

    Every month?

    What, so if you got compromised, that’s no problem, because you’ll find out like 4 weeks later.

    Meanwhile some dude in Belarus has all your customer data, credit cards, etc

    …or do you work for Server Intellect?

  3. (Incidentally that’s not a jab at Server Intellect, I’m not familiar with them and they’re probably fantastic for all I know)

    btw Great articles, though they would have been better if they pointed out which command line tools were more useful than others at spotting common cloaked rootkits..

  4. Henrick I think your missing the point, I have someone who runs scans for me. I still continue to monitor and run scans myself but I have a third party also reviewing and watching my server and updating it if I dont get the chance to right away. Plus if I do get rooted, I have some support to back me up and resolve issues. Most people that run their own servers wouldn’t know a root kit if it bit them in the ass. I dont always have time to read the newest rootkit, or patch needed to protect my server from being rooted. Also if I had Customer CC and data It wouldn’t be in clear text=)

Leave a Comment