Hello, Check this link: http://www.sysinternals.com/ntw2k/freeware/pstools.shtml If you know the admin password on the server, you can remotely use PsShutdown or PsKill. Regards, Tobias Kristof.DeMey@elec trabel.com To: thin@xxxxxxxxxxxxx Sent by: cc: thin-bounce@freeli Subject: [THIN] Way OT but hey... i want to kill 2k server sts.org 21.02.2003 10:05 Please respond to thin Hi group I have a rather funny issue here... Someone has implemeted a server in the network here but we cant find it :) He is using a range reserved for our trading people and they want to bring the server down to be able to use the ip it has in ues.. There is also a SLAMMER VULNERABLE sql server installed and thats also a reason to take it out. We have only: IP Addres and Hostname, No login info, he's not added to a domain , nobody seems to be aware of the machine, No dns record in the dns server.. I'v send mails too all it personel (about 400) and nobody knows about the machine. So i am DIENG to kill it remote. We tried spamming it with a telnet on port 19 (rdm text generator) but the simple tcp ip services are disabled I tried the SMB die vulnerability but he is NOT vulnerable. Any one any ideeN? I tried remote registry suff and all but nothing seems to work. We are slowing it down by issueing huge ping request but untill now nobody is complaining so still no luck :) Anyone? Thx in advance.... Any tip to slow the bagger down is also verry welcome! That way we can trigger the "server installer" to call the networking department and then we got him :) Met vriendelijke groeten - Bien ` vous , Kristof De Mey Electrabel IT-Services - Infrastructure Services Service Operations - Exploitation NT & Mailing Systems Werhuizenkaai 16 - Q015 - 1000 Brussel Tel intern: 80.3387 - Tel: 00-32-2-206 33 87 Fax intern: 80.3427 - Fax: 00-32-2-206 34 27 ********************************************************* This Week's Sponsor - Neoware Now through March 31, 2003 Neoware is offering a Capio 500/Eon Proven 2100 for $299! Click the link below: http://www.neoware.com/promocp4a/thinnetban.html ********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ********************************************************* This Week's Sponsor - Neoware Now through March 31, 2003 Neoware is offering a Capio 500/Eon Proven 2100 for $299! Click the link below: http://www.neoware.com/promocp4a/thinnetban.html ********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm