administrator password is hacked -- iis security

Noom
2/28/2007 1:29:05 AM

I use Microsoft Product is Windows 2003 Standard R2 Service Pack 2 for my

server ,

But my server is hack delete file at c: and c:\windows ,i Check it share

c$ , d$ , Admin$ , IPC$

i disable share c$ , d$ but when i reboot it enable automatic .

I resolve this ploblem by registry code :

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameter

s]

"AutoShareServer"=dword:00000000

"AutoShareWks"=dword:00000000

now it not enable again when i reboot , hacker tell me it hack by iis6 for

add user same Administrator but he not tell me about this,

I want know How to potect iis6 for hack administrator password or add

another user to administrator group how to fix it

Please tell me step by step for setting iis for protect hack password or

grant user to administrator group

Thank you

Roger Abell [MVP]
2/28/2007 5:48:24 AM

You will find a number of security and hardening guides at
http://www.microsoft.com/technet/security/guidance/default.mspx

But, if you leave all of a machine's exposed to the world
and you define a password like 123password for the account
Administrator, then you should expect someone will discover
that 123password works in not too long.

[quoted text, click to view]

iis security : administrator password is hacked