Re: security properties problems..

From: Alfred Van Young (fmid_at_mymail.com.cn.discuss)
Date: 12/24/03 

Date: Wed, 24 Dec 2003 13:46:14 +0800

it seems iis6 fixed it, right?

"Karl Levinson [x y] mvp" <levinson_k@despammed.com> wrote in message
news:OzsJoxdyDHA.1668@TK2MSFTNGP10.phx.gbl...
> Usually, part of the solution is to use the old 8.3 file name. Use DIR /X
> to find out that name. Posix support feature running by default on your
> version of Windows allowed the hacker to add reserved words like "COM9"
into
> the folder name, and Explorer prevents you from manipulating objects
> containing that reserved word.
>
> You also want to figure out how you were hacked, if you want to prevent it
> from happening. If IIS FTP was running, it could just be you left the
IUSR
> anonymous account with both read and write permissions. Or, if you don't
> have a firewall and/or are missing patches or are using insecure default
> settings, someone could have installed FTP server software such as Serv-U
> FTP. More info:
>
> http://securityadmin.info/faq.asp#ftpfolder
> http://securityadmin.info/faq.asp#hacked
> http://securityadmin.info/faq.asp#re-secure
> http://securityadmin.info/faq.asp#harden
>
>
> "junx" <junx@phreaker.net> wrote in message
> news:#rHbbqdyDHA.3436@tk2msftngp13.phx.gbl...
> > ok i found out how to take ownership..
> >
> > but i still cannot get into or delete the other directory..
> >
> > below is the directory after /upload/ i want to remove and cannot get
into
> > if it helps..
> > the +'s are actually spaces (atleast thats what they show up like when i
> > open them)
> >
> > /upload/++++/COM9s('u++/Tag+For+PW+/+++tag+Leo+-+scan+Leo+++/
> >
> > "junx" <junx@phreaker.net> wrote in message
> > news:efNg3LdyDHA.1908@TK2MSFTNGP10.phx.gbl...
> > > i had an open ftp server up, and of course, someone tagged it..
> (they
> > > uploaded a really crapy movie might i add..)
> > > anyways as i was deleting it, i found out i couldnt delete some of
> the
> > > directories.. so i try changing the security properties, big mistake.
> > > i basically went into the securities tab, advanced and unchecked
> > > "inherit from the.." in the permissions and auditing tab..
> > >
> > > now it says i cannot delete: access denied
> > >
> > > how do i go about fixing this? please help me!@~!#@#!!#@
> > >
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: Limited account has access to everything with FTP
    ... If you are connecting via FTP protocol, don't think you will see all hard ... I'm guess your IE is acting like windows explorer. ... > There is one folder to which has authorisation. ... > I am logged on as administrator but accessing FTP with account name 'x'? ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: home FTP with ISS - works only sometimes
    ... >saying "An error occurred opening the folder on the FTP server. ... It could be your connection, ... use the command line FTP instead of Explorer so you can see ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: security properties problems..
    ... Posix support feature running by default on your ... version of Windows allowed the hacker to add reserved words like "COM9" into ... If IIS FTP was running, it could just be you left the IUSR ...
    (microsoft.public.security)
Quantcast