GaryBellars Posted March 18, 2021 Share Posted March 18, 2021 Hi All, I need your help please. Sometime within the last few hours all of my drives are appearing as empty and the icon for my server is showing as 'HACKED'. Is anybody able to help me at all please? Regards Gary Quote Link to comment
JonathanM Posted March 18, 2021 Share Posted March 18, 2021 Attach the diagnostics zip file to your next post in this thread. Quote Link to comment
GaryBellars Posted March 18, 2021 Author Share Posted March 18, 2021 Thank you. syslog attached syslog.txt Quote Link to comment
JonathanM Posted March 18, 2021 Share Posted March 18, 2021 Tools, Diagnostics, download the zip file, attach the whole zip file to your next post. Quote Link to comment
GaryBellars Posted March 18, 2021 Author Share Posted March 18, 2021 Apologies, here is the zip. power-tower-diagnostics-20210318-2023.zip Quote Link to comment
SpuddyUK Posted March 18, 2021 Share Posted March 18, 2021 Are you port forwarding anything to the unraid box? Is your root password suitably complex? Quote Link to comment
GaryBellars Posted March 18, 2021 Author Share Posted March 18, 2021 Hi SpuddyUK, not port forwarding anything to my knowledge. I believe my password was just the default one Quote Link to comment
itimpi Posted March 18, 2021 Share Posted March 18, 2021 2 minutes ago, GaryBellars said: I believe my password was just the default one I hope not The default is no password. 1 Quote Link to comment
SpuddyUK Posted March 18, 2021 Share Posted March 18, 2021 3 minutes ago, GaryBellars said: Hi SpuddyUK, not port forwarding anything to my knowledge. I believe my password was just the default one I'm going to say you probably are forwarding http/https to the unraid host and that you didn't have a root password. I.E anyone on the internet could access your unraid box. Quote Link to comment
Squid Posted March 18, 2021 Share Posted March 18, 2021 Did you put your server into your router's DMZ? Does there happen to be any other diagnostics within /logs on the flash drive - relatively recent? They might shed some light on what/why this happened. As for recovery, your files are gone, but you might want to look into UFS Explorer (run on a Windows Box, to recover what you've lost), but it's probably pointless unless we can determine why this happened, otherwise it's just going to (probably) happen again. Are you running a wordpress site or something via a container? Quote Link to comment
GaryBellars Posted March 18, 2021 Author Share Posted March 18, 2021 My DMZ is disabled on my router Quote Link to comment
Michael_P Posted March 18, 2021 Share Posted March 18, 2021 How's your WiFi security Quote Link to comment
GaryBellars Posted March 18, 2021 Author Share Posted March 18, 2021 I thought it was good, but to be sure, I have just updated everything Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.