The Network at my company is still down. We’ve been trying like mad to bring it up but with not success. In the end it was decided to set up the Active Directory from scratch. Problem of course is how to migrate our old schema in order to save time from having to create user entries once again.
Unfortunately the big problem is creating the exchange server again because the old database is basically fried. We can still access it but there is no chance to do a normal backup-export and then import again. We’ll have to do it through manual import of .pst files.
So I started setting up Windows 2000 servers and before I could even install the first update exploits have been exploited and holes have been opened. The first thing I have to do after setting up a new server is open the hosts file and remove the loopback addresses some worm has entered. Only then can I access the network.
Right now I’ve managed to have one server ready to become the new Domain Controller and another one ready to set up the new exchange server to test how it will work.
The IT director seems to think it was a malicious attack. I on the other hand believe it was some kind of virus using an exploit to destroy the AD infrastructure. Just a thing to cause mayhem. Unfortunately it seems to have worked excellently. Now I have to work 12 hours shifts to bring this whole thing under control again 🙁