Disco Drummer
2005-04-11, 11:35 AM
Client called and said their e-commerce displays a "can't find page" error. I tried pulling up one of their pages using https:// but I get the same error - so something is blocking SSL.
When I logged into the server it told me I could choose from 2 active sessions, which is weird because I'm the only one that ever logs in.
I chose a session and when the desktop loaded, there were several open windows. A command prompt, and some mySQL stuff. There was also a windows explorer screen open to the e-commerce site in question. So obviously someone else has been in there. There was also a new shortcut on the desktop for SQLyog - a font-end interface for mySQL.
So I need to get that SSL connected and figure out who's been in there and how to keep them out.
I tried buying a support token, which seems to have been successful, however SB's system still says I have no available tokens. FRUSTRATING!!!
I'm new to intrusion detection. Any advice is appreciated.
When I logged into the server it told me I could choose from 2 active sessions, which is weird because I'm the only one that ever logs in.
I chose a session and when the desktop loaded, there were several open windows. A command prompt, and some mySQL stuff. There was also a windows explorer screen open to the e-commerce site in question. So obviously someone else has been in there. There was also a new shortcut on the desktop for SQLyog - a font-end interface for mySQL.
So I need to get that SSL connected and figure out who's been in there and how to keep them out.
I tried buying a support token, which seems to have been successful, however SB's system still says I have no available tokens. FRUSTRATING!!!
I'm new to intrusion detection. Any advice is appreciated.