|
All accounts but Admin should be a limited account.
There's no way anyone can get into the server as Admin unless they either have the Admin login and change things, Or they hacked, or they have a spy app/keylogger installed and stole the login.
I think if the server soft is out of date, exploits will exist that can do this sort of thing.
I would scan the whole server thoroughly looking for anything unusual. Keyloggers in particular.
Check the logs to see what connections have been made and where from.
Delete any extraneous accounts, check the account permissions.
Make sure everything is updated and the firewall is secure.
Have a word with your clients that false connections won't be tolerated.
__________________
Where there's a will, There's a way.
Pay developers, not Rapidshare!
I know nowt, but at least I'm trying. 
Quality, not quantity.
Prevention is better than cure.
|