RE: pubdestroyer2001.exe via anonymous FTP?

From: Benninghoff, John (JABenninghoff@DainRauscher.com)
Date: 09/27/01


Subject: RE: pubdestroyer2001.exe via anonymous FTP?
Date: Thu, 27 Sep 2001 15:38:34 -0500
Message-ID: <D6CE5018C5563D47A8A823409AA4F194017E738F@MAIL3.corp.isib.net>
From: "Benninghoff, John" <JABenninghoff@DainRauscher.com>
To: "Slivkoff, Michael M" <michael.slivkoff@eds.com>, <incidents@securityfocus.com>

You can remove files like this using the POSIX subsystem.

http://support.microsoft.com/support/kb/articles/Q120/7/16.asp

-----Original Message-----
From: Slivkoff, Michael M [mailto:michael.slivkoff@eds.com]
Sent: Thursday, September 27, 2001 1:49 PM
To: 'incidents@securityfocus.com'
Subject: RE: pubdestroyer2001.exe via anonymous FTP?

I had a problem like this. I had an upload directory on anonymous ftp
that was set write only. Some wonderful person tagged it with a
directory called com1. Couldn't get rid of it for the life of me (win2k
system). I still have a write only anonymous upload directory, but I
disabled directory create. Anyone know how to get rid of a directory
named with a system-reserved name? Other than deleting the drive. And
how would you create it in the first place?

-----Original Message-----
From: Patrick Andry [mailto:pandry@wolverinefreight.ca]
Sent: Thursday, September 27, 2001 12:47 PM
To: Mike Shaw
Cc: incidents@securityfocus.com
Subject: Re: pubdestroyer2001.exe via anonymous FTP?

Mike Shaw wrote:

> I'm working with someone who had unwittingly left an anonymous ftp
> server available to the 'net with write access.
>
> The good news: nice mp3 and Divx collection.
> The bad news: In the root there was a file named pubdestroyer2001.exe
> that we had some trouble deleting. There were many spaces at
> the end of the file name. We were able to nix it by deleting the 8.3
> file name.
>
> Has anyone seen this before? Anyone interested in a copy of the file?
>
> Thanks
> -Mike
>
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management and
> tracking system please see: http://aris.securityfocus.com

Undeletable files are a norm among warez sites. Hidden and/or undeletable directories are also a trademark. There was a discussion here about it a few months back. Essentially, it's a last-ditch effort to prevent the sysadmin from cutting off the warez ftp. Usually keeps the site going for a few minutes extra :)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and
tracking system please see: http://aris.securityfocus.com
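An audit check for the two name patterns reported in this thread (a directory called com1, and a file name ending in many spaces), added here as an example and not part of any poster's message. It flags path components that Win32 name handling treats specially: reserved device names and names with trailing spaces or dots. The function names and the sample listing are assumptions constructed for illustration.

```python
import re

# Win32 reserved device names (documented by Microsoft); matched case-insensitively,
# with or without an extension (e.g. "com1" and "COM1.txt").
RESERVED = re.compile(r"^(con|prn|aux|nul|com[1-9]|lpt[1-9])(\..*)?$", re.IGNORECASE)

def classify(name):
    """Return the reasons a single path component is awkward for Win32 tools."""
    reasons = []
    if name in (".", ".."):
        return reasons
    if name != name.rstrip(" "):
        reasons.append("trailing-space")
    if name.rstrip(" ").endswith("."):
        reasons.append("trailing-dot")
    # Win32 strips trailing spaces/dots before the device-name check, so do the same.
    if RESERVED.match(name.rstrip(" .")):
        reasons.append("reserved-device-name")
    return reasons

def audit(paths):
    """Map each flagged path to {component: reasons}; paths may use '/' or '\\'."""
    findings = {}
    for path in paths:
        for part in re.split(r"[\\/]+", path):
            reasons = classify(part) if part else []
            if reasons:
                findings.setdefault(path, {})[part] = reasons
    return findings

# Constructed listing of an anonymous upload area (not taken from the thread's server).
SAMPLE = [
    "pub/incoming/readme.txt",
    "pub/incoming/com1/track01.mp3",
    "pub/pubdestroyer2001.exe      ",
    "pub/incoming/notes./a.txt",
    "pub/incoming/computer1/ok.txt",
]

if __name__ == "__main__":
    for path, parts in audit(SAMPLE).items():
        print(repr(path), parts)
```

Run it over the FTP server's transfer log or a raw directory listing rather than over names returned by Win32 tools, which may already have normalized the trailing characters away.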


