[THIN] Re: Way OT but hey... i want to kill 2k server
- From: tobias.bjorkskog@xxxxxxxxxxxxxxxxx
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 21 Feb 2003 08:17:29 GMT
Hello,
Check this link:
http://www.sysinternals.com/ntw2k/freeware/pstools.shtml
If you know the admin password on the server, you can remotely use
PsShutdown or PsKill.
Regards,
Tobias
Kristof.DeMey@elec
trabel.com To: thin@xxxxxxxxxxxxx
Sent by: cc:
thin-bounce@freeli Subject: [THIN] Way OT but
hey... i want to kill 2k server
sts.org
21.02.2003 10:05
Please respond to
thin
Hi group
I have a rather funny issue here...
Someone has implemeted a server in the network here but we cant find it :)
He is using a range reserved for our trading people and they want to bring
the
server down to be able to use the ip it has in ues.. There is also a
SLAMMER
VULNERABLE
sql server installed and thats also a reason to take it out.
We have only: IP Addres and Hostname,
No login info, he's not added to a domain , nobody seems to be aware of the
machine,
No dns record in the dns server..
I'v send mails too all it personel (about 400) and nobody knows about the
machine.
So i am DIENG to kill it remote.
We tried spamming it with a telnet on port 19 (rdm text generator) but the
simple tcp ip services are disabled
I tried the SMB die vulnerability but he is NOT vulnerable.
Any one any ideeN? I tried remote registry suff and all but nothing seems
to
work.
We are slowing it down by issueing huge ping request but untill now nobody
is complaining so still no luck :)
Anyone?
Thx in advance....
Any tip to slow the bagger down is also verry welcome!
That way we can trigger the "server installer" to call the networking
department and then we got him :)
Met vriendelijke groeten - Bien ` vous ,
Kristof De Mey
Electrabel IT-Services - Infrastructure Services
Service Operations - Exploitation NT & Mailing Systems
Werhuizenkaai 16 - Q015 - 1000 Brussel
Tel intern: 80.3387 - Tel: 00-32-2-206 33 87
Fax intern: 80.3427 - Fax: 00-32-2-206 34 27
*********************************************************
This Week's Sponsor - Neoware
Now through March 31, 2003
Neoware is offering a Capio 500/Eon Proven 2100
for $299! Click the link below:
http://www.neoware.com/promocp4a/thinnetban.html
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
*********************************************************
This Week's Sponsor - Neoware
Now through March 31, 2003
Neoware is offering a Capio 500/Eon Proven 2100
for $299! Click the link below:
http://www.neoware.com/promocp4a/thinnetban.html
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
