Hi,

I'm a new IT admin. I was wondering if anyone would be able to tell me what kind of specific symptons we're getting when a computer is being hacked. What should i do in the case of that incident? What're the best ways for prevention ( i think i know the answers for this one i.e to have firewall, antivirus, anti spyware, adware. Anything else that i need to know and haven't mentioned here)?

Thank you in advanceYou start noticing damages to your server or computer?You can sorta tell these things .

Well have a firewall is a MUST, an antivirus wont really stop a HACKER once he gains access.

Unplug your ethernet as soon as you think he gained root (Administrator :/) but be cautious that the backdoor from which he entered may still be PRESENT in the form of a software exploit or just simply a trojan horse or something.

The best thing to do is try to find the source (listed some possibilities above) and try to either SHUT them down and then start a LOG of incoming and outgoing packets on your network to see how and what he's using to communicate with your computer. Be it ssh, telnet, etc..

HTH,
Nelson