And what a way to come back to work it was!
Over the holidays, IT security used the Windows RPC flaw to “break in” to all of my Windows servers. The payload disabled TCP/IP in the registry, and modified the boot.ini to disable system startup. I spent today manually booting servers one by one and re-enabling TCP/IP, so that I could download and install the required patches. I am extremely glad that I have remote consoles on all of my servers, or I would have had to make the long trek out to Mississauga to fix everything!
The important servers are back up, but I probably have another day of this before everything’s back to normal. Ugh…
Sorry, the comment form is closed at this time.