server security problem

Question

I set an static ip on my server but after a day many unknown users created and unknown remote dekstop type softwares installed and sql server get unknown password. Please help me to secure my server.

Answer 1

Sorry for being so harsh, but when you put a server online and after just a day it gets completely owned and you have no idea how this happened, it is a clear sign that you don't really know what you are doing. Nowadays you can't put a server online without it getting attacked immediately by automated bots. When the bots find potential vulnerabilities, the human crackers who control them will follow quickly afterwards. Trying to set up a server facing the internet when you don't know how to do it properly is negligent.

It is not unlikely that your server is currently being used for malicious activity like sending spam, distributing malware or worse. That means the only responsible thing you can do is take it offline ASAP before it causes serious harm (which you could then be made responsible for - it's your server, after all).

Then you should completely wipe its hard drives with a tool like DBAN to eradicate the intrusion.

Before you reinstall from scratch, you need to find out what your mistakes were. Do a websearch for the security guides for your operating system and each piece of software you installed on it. When you don't understand them, do your research.

When you reinstall, apply the knowledge from these guides. Also, make sure that you have the most recent version of all software you use, to avoid installing anything with a known vulnerability which is already patched. Also don't install stuff when you aren't sure you need them. The fewer programs you have installed, the less potential for vulnerabilities.

Don't put your server online before you have all software patched and sufficiently hardened.