hacked afterthought, tools

Archived from groups: microsoft.public.win2000.security (More info?)

Hello,

If a system gets hacked and you go over the various data.

is any tools out there that will tell you what
information they got???

it was the only system that had a lot of viruses.

Recently discovered it was compromised....

Is there anyway to find what network data was transmitted?

thank you,

"hackedupon"
2 answers Last reply
More about hacked afterthought tools
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    Not really. If you had auditing of object access enabled and then audited
    folders/files you might have an idea who accessed data and when but it is not
    practical to audit everything as it will decrease computer performance and generate
    thousands and thousands of events in the security log. Security logs can also be
    erased or modified by a hacker. Encryption of data and removal and securing of all
    private keys that can decrypt a file would be one way to insure confidentiality of
    data. In your situation you pretty much have to assume the worst. --- Steve

    http://securityadmin.info/faq.asp#hackerstoc -- link from Karl's FAQ may be helpful.
    http://www.microsoft.com/technet/community/columns/secmgmt/default.mspx -- from
    Microsoft
    http://www.microsoft.com/technet/security/guidance/secmod144.mspx -- auditing
    procedures.

    "hackedupon" <anonymous@discussions.microsoft.com> wrote in message
    news:026c01c47be8$5a1214a0$3501280a@phx.gbl...
    > Hello,
    >
    > If a system gets hacked and you go over the various data.
    >
    > is any tools out there that will tell you what
    > information they got???
    >
    > it was the only system that had a lot of viruses.
    >
    > Recently discovered it was compromised....
    >
    > Is there anyway to find what network data was transmitted?
    >
    > thank you,
    >
    > "hackedupon"
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    On Fri, 6 Aug 2004 12:05:34 -0700, "hackedupon"
    <anonymous@discussions.microsoft.com> wrote:

    >Hello,
    >
    >If a system gets hacked and you go over the various data.
    >
    >is any tools out there that will tell you what
    >information they got???
    >
    >it was the only system that had a lot of viruses.

    That's not an indication of being hacked.

    >Recently discovered it was compromised....
    >
    >Is there anyway to find what network data was transmitted?

    Sure. You look at your intrusion detection system logs, your network
    sniffer logs, the server's auditing logs and so on. All of which need
    to be in place *before* anything happens.

    Jeff
Ask a new question

Read More

Security Microsoft Hacked Windows