Soldato
- Joined
- 23 Oct 2002
- Posts
- 3,177
Hi guys
i run the IT in a small company.
basically a NAS for data storage (buffalo) and then just a winxp machine for internet sharing and that runs our web apps (apache, mysql and php)
when i got in this morning the backup had stalled (we just backup the NAS to HDDs every night)
then i look on the NAS and the accounts, accounts data and live projects had all had stuff deleted or the folders were totally missing.
luckily the NAS copies files to trashbox folder rather than deleting. so i can copy them back. they had been deleted during the night at around 4am!
the thing is im worried that these are basically the 3 most important folders for us. so to me it looks like we got hacked (or its just very suspicious anyway)
we use MS security essentials as AV and just the windows firewall for firewall duties.
i guess we need to look at a firewall and maybe change the AV?
any suggestions on fw/av or tips as to how i can see who got in last night? i checked the logs and i cant see anything and to be honest im not sure which machine they maybe got in via anyway.
i run the IT in a small company.
basically a NAS for data storage (buffalo) and then just a winxp machine for internet sharing and that runs our web apps (apache, mysql and php)
when i got in this morning the backup had stalled (we just backup the NAS to HDDs every night)
then i look on the NAS and the accounts, accounts data and live projects had all had stuff deleted or the folders were totally missing.
luckily the NAS copies files to trashbox folder rather than deleting. so i can copy them back. they had been deleted during the night at around 4am!
the thing is im worried that these are basically the 3 most important folders for us. so to me it looks like we got hacked (or its just very suspicious anyway)
we use MS security essentials as AV and just the windows firewall for firewall duties.
i guess we need to look at a firewall and maybe change the AV?
any suggestions on fw/av or tips as to how i can see who got in last night? i checked the logs and i cant see anything and to be honest im not sure which machine they maybe got in via anyway.