Chinese Hacker Stole Some Files

[NickJames]

So I had an old server setup in DMZ mode (yeah my mistake I am lazy). Mostly hosting stuff like VOIP servers and Minecraft and movies. I notice a sudden spike in upload using Netlimiter and saw about 10MB/s was being uploaded to an outside IP which turned out to originate in China. After killing the connection, disabling DMZ and fixing everything I took a look at the logs. The IP managed to download about 30-40GB of data over the course of 2 days from my server PC. Question is, would it be possible to find out exactly what he got access too? None of the stuff I on the PC is high risk but I am just curious. Only thing I had running was Netlimiter 3 Pro.

Thanks.

 

[mda]

I remember from my limited Linux experience that you could write the ls command with the atime option showing last access/read time.

Maybe you could write a script around this to generate a list of files?

If this is Windows, I'm not exactly sure...

 

[NickJames]

Yeah sorry, forgot to mention it's Windows Home Server 2011. I am also assuming there's no way of checking out what got downloaded. I wonder if there's a better network logger for the future even though I don't plan on taking down my firewalls again lol.