Click here to Skip to main content
13,045,657 members (52,172 online)
Rate this:
Please Sign up or sign in to vote.
I got a hacker intrusion on my Win-2003 IIS server and the log appeared that the intruder
was able to logon anonymously? The web serivce setting has somehow been changed and I
can not see any website setup in IIS. Instead I see an menu item "Connect to a Computer"

This looks like the IIS can not even link to the local computer where it is installed? Therefore
I do not have option to add a website or see any previous setup.

However no matter what I put in to the computer name, the IP address, the localhost, or the machine name,
the connect to computer just would not work.

Can some one point me a direction how to solve this problem. It has to be some services need
to be activated or IIS setting got to put back?


Posted 26-Aug-12 19:37pm

1 solution

Rate this: bad
Please Sign up or sign in to vote.

Solution 1

The solution is to get backup from system32/intersrv/history the file called metabase.xml and out it back to system32/intersrv. Obviously the hacker managed to delete this file for whatever the reason and method unknow?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy | Mobile
Web02 | 2.8.170713.1 | Last Updated 29 Aug 2012
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100