Hello!
One of our file servers(W2K) was hacked last night, and I discovered some new services that were not there before. they have the names: "DomainName"\Scheduler and "DomainName"\Acceptor and point to the corresponding files in the DSM-directory. Both these services are started manually, and are not the ones installed by me.
My question: Did DSM install them by itself? Or is it possible, that the hacker got in by exploiting some existing security hole and uses these Services as "camouflage"?
Thank you in advance,
greetings,
Martin Krau�
-- ******************************************** Martin Krau� IT-Gruppe Geisteswissenschaften LMU M�nchen Ludwigsstra�e 28 80539 M�nchen Hotline: 2180 6400 Tel.:089 2180 1395 FAX: 089 2180 13543 Email: [EMAIL PROTECTED] ********************************************
