stupid stupid stupid

OK. Someone in our fine organization left the anonymous FTP site open
over the weekend (I'm not naming names) , and of course some unemployed
drug ridden teenage euro socialist (I'm assuming) with grims ping or some
other
such utility tagged me. So I'm trying to clean up the mess. I can delete
all those
evil little files and folders using a combination of DOS wildcards, UNC
notation
and the POSIX rm utility except for one. This one (named com6 and buried
about a gazillion levels down) gives me permission denied. The drive is
NTFS.
ChkDsk /f on reboot fixed some stuff, but still no joy. Except for the MSKB
articles about removing reserved word files there is very little I found
about the
subject.

Is there any hope for me or do I have to live with this stupid directory
tree until the next re-format?

 

heh heh

 

try this site http://download.broadbandmedic.com and download Pocket
Killbox.
That helped me find and eliminate some files that were not even visible
as an admin with show hidden and system files set. These critters were
invisible to
everything but the killbox program.

 

Yeah, I know. It is pretty funny.

And it wouldn't be so bad if they had left some decent
DVD's behind, but just some new age punk music crap.

kp "I was thinking black market Japanese bondage" g

 

can you put up a list of mp3's that you have available for us to download,
thanks

 

It's not funny anymore.

 

ok, then just send me the list, no need to post it up here

 

A little of topic, but relevant to security: a university in Ontario got
hacked recently, and the hacker was able to record user's keystrokes for
later use. User info, passwords, bank account numbers, payroll info, all
compromised. The administrator (obviously non-IT) said this: "We do what
everybody else does when it comes to computer security, but whoever it was
still broke in. I'm shocked". This went on unchecked for 7 months. So who's
to blame, the doofus admin without a clue, or his IT staff, who failed
miserably (I'd like to think they were contrained by budgeting, but it still
isn't an excuse) and gave the admin a false sense of security (pun
intended)? "We do what everybody else does..." is a classic.

steve.

 

do a serach on the knowledge base (MS), there is a procedure for deleteing
those files, I have done it before

 

For most companies "We do what everybody else does..." means, we care a lot
for security but we rather buy a shiny new wireless PDA for our execs than
spending a small percentage of that for our system security.

 

Thanks.

Killbox was able to traverse below the offensive folder
and I was able to delete the lowest level folder (with
the stuff) but not the rest of the dir structure.

However this tool:

http://www.deletefxpfiles.com/

is great. It was able to delete everything and was very
easy to use. I used the free (unregistered) version and
had no problem. I highly recommend it to any one dumb
enough to leave your FTP site open.

kp "free at last" g

 

my favorite quote:

"If you spend more on coffee than on IT security, then you will be
hacked. What's more, you deserve to be hacked." Richard Clarke

hard to believe how true this is.

he .. he ..

 

That happened to us once and IIRC I was able to fix it from a command prompt
by using the 8.3 file names.

T-Bone
MCNGP XL

 

Actually it is funny that you/your company has a bunch of morons that can not
secure the network properly.

 

Now that IS funny!

 

ummmm...we all know someone who works at a University in Ontario...

 

Rule #1 for a compromised server: Rebuild.

Laura

 

For the record, we just had a similar incident here (PHB left the FTP
service running). There were several directories created with the name like
"LPT1<space>" I was able to find the name of the top level directory using
DIR /x from an NT command prompt. Then I used RD <8.3 directory name> /S to
kill the whole directory.

Sorry to revive an old topic, just wanted to have a solution posted for the
archives.

T-Bone
MCNGP XL
Better late than never