[windows2000] Re: weird files on AD Server
- From: Dogers <dogers@xxxxxxxxx>
- To: windows2000@xxxxxxxxxxxxx
- Date: Wed, 26 Oct 2005 07:07:07 +0100
Ooh, I didn't mean get a consultant straight away :)
First thing you can do is update and virus scan, then turn on file auditing
to find out when these files are being made. I'd also have a look through
task manager at all the processes verifying each one thats running is
something legitimate..
Andrew
On 25/10/05, Mauricio Fernandez <mfernandez@xxxxxxxxxxxxxxx> wrote:
>
> Thanks for your answer.
>
> Unfortunately, there are no security auditors in this country. Where can
> I start? Do you know some tool to do this?
>
> *Mauricio Fernández S.*
>
> IT Manager
>
> Tel. 591- 445-25160
>
> Fax. 591- 441-15056
>
> mfernandez@xxxxxxxxxxxxxxx
>
> www.fdta-valles.org <http://www.fdta-valles.org>
>
> Cochabamba - Bolivia
>
> -----Original Message-----
> *From:* windows2000-bounce@xxxxxxxxxxxxx [mailto:
> windows2000-bounce@xxxxxxxxxxxxx] *On Behalf Of *Dogers
> *Sent:* Tuesday, October 25, 2005 4:05 AM
> *To:* windows2000@xxxxxxxxxxxxx
> *Subject:* [windows2000] Re: weird files on AD Server
>
> Don't know what they are, but I'd be concerned - especially as they're
> owned by different users!
>
> I'd say it was time for a system audit :)
>
> Andrew
>
> On 24/10/05, *Mauricio Fernandez* <mfernandez@xxxxxxxxxxxxxxx> wrote:
>
> I found periodically a hundred of text files on C:\ in the AD Server box.
> Those files are named with rbpxxxxx.txt, where xxxxx is a number. The
> contents of the files are not text, just non-understandable characters. Each
> file is owned by a different user… Does anyone knows what is it?
>
> Thanks
>
> *Mauricio Fernández S.*
>
> IT Manager
>
> Tel. 591- 445-25160
>
> Fax. 591- 441-15056
>
> mfernandez@xxxxxxxxxxxxxxx
>
> www.fdta-valles.org <http://www.fdta-valles.org>
>
> Cochabamba - Bolivia
>
>
Other related posts:
