Success

From: cwhitley (charles_whitley@mindspring.com)
Date: 10/15/02 

From: "cwhitley" <charles_whitley@mindspring.com>
Date: Tue, 15 Oct 2002 12:08:40 -0700

Karl, thanks for the folder removal tips. The RD command
took care of it, along with the /x cmd.

I will follow up on the other part of your suggestions.

Crw
>-----Original Message-----
>Best practice: secure Windows, IIS, IE, Outlook Express
and all other
>software completely using all patches, service packs and
the hardening
>instructions at www.microsoft.com/security
>
>Disable the anonymous account unless you really need it.
Don't let the
>anonymous account have both read and write access to any
folder, e.g. use
>different upload and download folders.
>
>Note that with many FTP servers including IIS, the ID and
password are sent
>in plain text and could theoretically be vulnerable to
capture via sniffing.
>Third party FTP software, or OpenSSH, or VPN can be used
for secure file
>transfers.
>
>You could consider using firewall hardware or software to
limit the source
>IP addresses that can be used to access the FTP server to
just certain
>acceptable ranges.
>
>RE: removing the folders, read below:
>
>You can try following the steps below to try to delete
the unwanted folder
>from your computer:
>
>
>
>1) Use a "DOS" Command Prompt for the steps below.
Example, click on
>Start, Run, type CMD [for Windows 2000 / XP / NT / .NET ]
or COMMAND
>[Windows 95 / 98 / ME ] and click OK to open a Command
Prompt window.
>
>2) Use the DIR /X command to find the shortened 8.3 name
of the folder.
>[Example, the shortened 8.3 name for the "Hackers Files"
folder might be
>HACKER~5 ]
>
>3) Use the CD command to change to that directory using
the 8.3 name
>[example CD DOCUME~1 ].
>
>4) Repeat these two commands until you reach the lowest
level of the
>subdirectory tree that the hacker created.
>
>5) You should then be able to delete all the files in
the subdirectory.
>
>6) Use the CD .. [CD space dot dot] command to move up
one directory.
>
>7) Use the RD command to remove the directory you just
left [e.g. RD
>HACKER~7 ]
>
>8) Repeat these two commands until you have removed all
the unwanted
>folders.
>
>
>
>If this fails to work, try using the RM.EXE command from
the Windows
>Resource Kit as described in the following article:
>
>
>
>http://support.microsoft.com/default.aspx?scid=KB;EN-
US;Q120716
>
>
>
>While some of the Windows Resource Kit utilities are
available for free
>download, the RM.EXE utility does not appear to be one of
them. The Windows
>Resource Kit books and CDs are available for purchase at
a variety of stores
>and web sites where books and software are sold [such as
www.bn.com,
>www.amazon.com, www.bestbuy.com, www.microsoft.com, etc.]
>
>
>
>It is possible that all of the above options might fail,
if the files or
>directories in question are on an NTFS-formatted
partition and the NTFS
>permissions do not allow you to access the files. If
this is the case, you
>should consider backing up the files on the hard drive
partition, formatting
>the partition, then restoring the files from the backup.
[If you do not
>wish to do this, you could consider deleting the files
and leaving the
>unwanted directories where they are.]
>
>
>"cwhitley" <charles_whitley@mindspring.com> wrote in
message
>news:300101c2745c$cbb81f90$35ef2ecf@TKMSFTNGXA11...
>> Couple a questions:
>>
>> Our FTP site is use for our off-site offices
to "download
>> and upload" files that are to big for email.
>>
>> Someone with a FTP sniffer found our site and placed
>> folders and content on it.
>>
>> Even when I am logged on as the Administrator I cannot
>> delete those folders or take over ownership.
>>
>> How can I get those folders off the fptroot and what is
>> the best practice for setting up our FTP site so only
>> authorized person can access it?
>>
>> Thank you
>> Crw
>
>
>.
>

Relevant Pages

  • Re: File Attributes a real stumper
    ... Windows is based on that ANSI character set, or it may contain reserved windows names, such as 'com', 'lpt', or others. ... I've seen these type of files created using FTP, which supports ASCII, and an FTP server supports ASCII, and Windows will create it from FTP, but when you try to view it, or delete it, you'll have problems. ... A little background on undeletable files and folders: ... They would upload their illegal software to the FTP servers they find, but they would name the files and the folder they create with extended characters and symbols that FTP supports but Windows does not directly support, as well as create a very deep file structure with these extended unsupported ASCII characters, and/or file names with these characters that are greater than 256 characters. ...
    (microsoft.public.windows.server.general)
  • Re: Cannot delete file with name ended with a dot.
    ... receive the message "File Not Found" (from command prompt I cannot see the ... The operating system is Windows 2008 server standard x64. ... A little background on undeletable files and folders: ... files to it but use characters in the name that FTP supports (ASCII ...
    (microsoft.public.windows.server.general)
  • Re: FTP site hacked
    ... different upload and download folders. ... Note that with many FTP servers including IIS, the ID and password are sent ... Use the DIR /X command to find the shortened 8.3 name of the folder. ... > Our FTP site is use for our off-site offices to "download ...
    (microsoft.public.inetserver.iis.security)
  • Re: Idiot_self+trojans+administrative privs = Disaster
    ... What I do in cases like this is to get a good command line virus scanner, put it on a flash drive, and boot the machine from a WinPE CD. ... Once the machine is at the command prompt, I empty all the temp folders for all user profiles and in windows, as well as the temporary internet files/content.ie5 folders. ...
    (Security-Basics)
  • Re: Print a list of Folders, Subfolders & Filenames in a specific driv
    ... Add a "Print Directory" Feature for Folders in Windows XP ... You can use the dir command and send the output to a text file. ... Hit your Enter key. ...
    (microsoft.public.windowsxp.general)