20-07-2024, 06:21 PM (This post was last modified: 20-07-2024, 06:22 PM by zelda1.)
Dear Friends,
As I am using Hetzner as a server provider and host. I have been trying to get into the server using a Remote desktop connection however, Windows can't recognize my credentials even though I have not changed them and I have been using them for more than a month now. I tried to hit the rest password button but it does not work.
Any thoughts?
I attached pictures of errors am receiving when I enter or hit the reset password button:
Have you tried connecting through the hetzner console to a local console?
If it says that the password is not suitable, look at the load graphs - you may have been hacked
I recently upgraded it to the CX32. It worked just fine, but now even the console gives me the same interface when I enter Windows "Password is incorrect". I don't think it is hacked either as the graph shows 5-10% CPU operation which is very low. plus I don't have anything on it except for the bot.
Attackers could use an exploit for the vulnerability, or the installation image could contain a technical account for support access, and the attackers found out about it and used such an account. The easiest option is to reinstall everything from the very beginning, check and clean users, use updates and an antivirus program. and the most correct option for me is to use Linux
In RDP, forwarding of a disk or folder is easily configured. backups of configs or entire directories can be made quickly and easily. If there are problems with the Internet channel, then you can first compress the folders with zip - this is easy in Windows!
The job of a system administrator requires a lot of work, and the biggest one is monitoring and reading system logs. before hacking there are always frequent attempts - this can be caught by errors in the system logs
Backups, updates, periodic system cleanings, log audits - this is only part of the routine work
Alright will review Sergio, btw, I have a snapshot from the old server "hacked one" do you think I should transfer it to the new one? would this help or get my new server hacked again?