I live several thousand miles away from the server, I live in UK, server is located in USA, there is quite a big distance between us. I am creating archives of our stuff and sending it to myself via Google Drive (files get deleted afterwards). We use Google Chrome on it to look up mods and such, we don't leave it running, ever.
Linus, I wanted to first start with saying how amazing your videos are on youtube. I have been watching your videos a lot, and I must admit that some actually made me chuckle!
I am from UK, and I am new to this board, so please bare with me as I attempt to explain my issue in as much detail as possible.
I have been hosting game servers for around 2 years on a dedicated server that is located in Pennsylvania, USA. We were running Windows Server 2008 R2 until around 2 weeks ago when somehow, someone managed to get in and install ransomware, that demanded we attach 2 files to get some sort of decryption key to get our files back. I am guessing that after they get the files, they will demand some sort of ransom. Suffice to say that we did not respond to their demands and we just had the entire server rebooted, after I had our hosts completely erase all the drives and reboot Windows from scratch. We had backups of our most important files, I had copies of them here at home. We are now running Server 2016.
I am not sure how these hackers got in to our server, as we had a very secure password, and the system was fully up to date at the time. I have been working constantly to create a more secure server and have done what I can thus far, but I am wondering if there is anything that experts here can suggest to be able to make it almost impossible to get in to, in any way. To be able to better explain my situation, I have included a few screenshots that I took from the server before we had it rebooted for reference purposes, and wondered if anyone knows of a possible way that they got in to install this ransomware, something called "Mr.Dec". I have no idea what this is, but here are some screenshots for the experts to try and assist us to make the server as secure as possible to prevent similar attacks of this nature.
NOTE: That this is in no way intended to be spam, I am trying to get some useful advice here, as so far, we have had a PSU failure that fried the entire rack we were located in (not hosts fault) and this issue that has become a real headache.
Lasky got a reaction from Kosenator in Size on drive vs size in disk management
Lasky got a reaction from LienusLateTips in Securing server suggestions that don't cost a fortune!
Lasky got a reaction from 8uhbbhu8 in Securing server suggestions that don't cost a fortune!
