P
pseconds
Guest
Hi, I just ordered a new win2k3 server with Plesk 8.2 from ThePlanet - It appears that a rootkit was added within a few days of getting the server and they are recommending reloading the OS. This is very interesting to me since I have not actually used my server yet. They stated they have several Plesk 8.2 servers in this same situation and have asked Plesk to investigate.
I used this to find the root kit:
http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx
When I got my server, I immediatly added a new admin user with a very complex password and disabled the administrator users ID. Logged out, that's it. Came back 2 days later and the box was compromised.
Has anyone heard about this or having a similar situation?
I used this to find the root kit:
http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx
When I got my server, I immediatly added a new admin user with a very complex password and disabled the administrator users ID. Logged out, that's it. Came back 2 days later and the box was compromised.
Has anyone heard about this or having a similar situation?