I have a dedicated server with liquidweb. My main drive's capacity is 120gb. Right now windows explorer is saying i have 35gb free space but when I select all the files in my server and goto properties used space is 6gb. But I don't know why windows is saying I only have 35gb free space. I defragged by harddrive the other day and it was moving weird files names like "scarymovie4.xvid" etc... I search for the file but can't find them. I have 4 websites hosted on the server and the combined bandwidth I used is about 5gb but according to liquidweb i used 70gb. I think someone somehow gained access to my server and is running somekind of filesharing program. Does anyone know how to fix this?
The best option is to reformat the drive and reinstall everything. And then to set up proper security on your system. If you cannot find the files, then they may be hidden from view. If you log in as root (on a *nix system) or log into the admin account on windows, you should have elevated enough privileges to track down the files and their folders and delete it all. You also need to change the user names and passwords on your machine so that the intruder cannot regain access. Make sure you use hard to guess passwords. These are commonly combinations of words and numbers or other characters. Review the user accounts which exist and delete any "guest" types accounts and any accounts which do not belong on the machine. If you are on a *nix system, you need to make sure that accounts associated with programs such as MySql and Apache do not have shell access. Some programs have default passwords associated with default account names which people can use to gain access to your machine. You need to tighten up your firewall so that you do not have programs listening on any more ports than you have deliberately set up servers for. For programs which need to listen on a port, such as MySql, but which should only be accessible from your machine, make sure the firewall ignores all non-local requests. Do not leave anything open that does not need to be opened. Do not run any programs that you do not need to run. I always turn off ftp servers. Though, I do run the sshd daemon under *nix. Make sure all your scripts and programs are at their latest patch level. Run port scanners against your machine to test for open ports. There are lots of options available. A good one to use from Windows is Tenable Newt This will let you see what ports are actually open on your machine. Close what you do not need.
Thanks for the advice clancey. I finally figured out what was going on. Somehow my server was infected with a trojan. The trojan downloaded about 70gb worth of warez files and was running an ftp server in the background. I removed all the files and turned on the firewall.