Can we have some specifics as to the warning you're seeing (in the console, I assume), the attack itself, etc.? The most certain method of cleaning up the results will be to start with scanning all your home PCs for viruses and malware, using a tool other than your current AV/malware protection suite (if any). You want to use another tool because your current tool may have failed to detect and protect you, and so might not find some of the sequelae. Then I would move immediately to a server reinstallation, which will wipe the system partition.
Man in the Middle attacks are something that all networks may be subject to; this is one reason why I advise
very strongly against the use of protocols such as FTP or Remote Desktop (port 3389) from the internet straight to your server. Both protocols use an unencrypted channel for transmission of some control information.
I'm not on the WHS team, I just post a lot. :)