Need help with an attack
From: Michael (fumeng@yahoo.com)
Date: 07/30/02
- Next message: Joe Rookie: "Re: Recommended Network Monitor"
- Previous message: Scott: "prevent local admin users seeing domain user list ?"
- In reply to: Richard Garrow: "Need help with an attack"
- Next in thread: karl [x y]: "Re: Need help with an attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Michael" <fumeng@yahoo.com> Date: Tue, 30 Jul 2002 04:44:48 -0700
FTP HACK AND WHAT TO DO
The number one reason we suggest not to use FTP for
uploading files, because it is not secure and there is
nothing you can do to secure it, except not use it.
Situation:
Either there is anonymous access to the site and you have
allowed everyone
to upload files... or you are using Basic to log in and
then allow people
to upload files.
You have two options:
Option Number One
==================
Q120716 How to Remove Files with Reserved Names in Windows
http://support.microsoft.com/default.aspx?scid=kb;EN-
US;Q120716
The above utility will generally work, however sometimes
there are special
Unicode charter sets that are not recognized by this
program. You'd be
better off doing step number 2 at that point.
Try taking ownership of the ftproot folder (and apply
ownership to all
subdirectories and files). You may not have permission to
those folders.
After you have taken ownership, give yourself permissions
to those folders
(again by using the ftproot folder and cascading the
permissions down).
Try using the POSIX rmdir command from a command prompt:
c:\>rmdir /?
Option Number Two
==================
Format and then restore from backup.
After reading all of this, you might be wondering what the
best way to
allow people to upload files to your web server might be
if not the File
Transfer Protocol... If so I have provided below this,
just what you need
to do. My best wishes to you and I hope you do not fall
pray to the evil
forces at work on the internet again.
Problem: Using FTP with BASIC authentication to upload
files to his web
site.
Issue: This method provides very little security for his
web server.
Resolution: Use a secure method to connect to the web
server and then
publish files.
Q323470 HOW TO: Create a Secure WebDAV Publishing Directory
http://support.microsoft.com/default.aspx?scid=kb;EN-
US;Q323470
>-----Original Message-----
>Hi,
>
>To make a long story short our Win2k Server was accesses
>via our ftp connection and the person from Germany left
us
>with a bunch of nasty files with in the ftp root
>directory. Now the problem is I can not delete the files.
>
>The main directory has either no name or a invisable
>character and it is not letting me delete. I have tried
>various things but I am getting no where. There is one
>file with the subdirectory called Lpt1 and I can not
>rename it or delete.
>
>Has anyone got any ideas on this one?????
>
>Thanks very much.
>
>PS yes I can reformat and rebuild but would like to avoid
>it if possible.
>
>.
>
- Next message: Joe Rookie: "Re: Recommended Network Monitor"
- Previous message: Scott: "prevent local admin users seeing domain user list ?"
- In reply to: Richard Garrow: "Need help with an attack"
- Next in thread: karl [x y]: "Re: Need help with an attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
