Re: Our server hacked and tagged. MS doc's suck!

From: Mike Brannigan [MSFT] (mikebran_at_online.microsoft.com)
Date: 05/30/03 

Date: Fri, 30 May 2003 16:25:02 +0100

If you are getting issues with deleting folders even though you have
permissions then you may be forced to stop any service that might be holding
a lock on those folders - such as a web or FTP service. 

-- 
Regards,
Mike
--
Mike Brannigan [Microsoft]
This posting is provided "AS IS" with no warranties, and confers no
rights
Please note I cannot respond to e-mailed questions.
Please use these newsgroups
"Tom Valenzuela" <tomvalenz@sympatico.ca> wrote in message
news:624301c326ba$4068d310$a301280a@phx.gbl...
> Ya we did that and 'permission denied' still, somewhere
> down the tree of the folder it experiences a permissions
> error..Unfortunately we are unable to go down the tree of
> the directory but I will look closer at the permissions
> and owner. Right now it's all administrator as far as I
> can see and I made sure to use the checkbox to ensure it
> goes down to the childnodes and sub directories.
>
> I will look at it more and see. I was thinking these
> directories might have some kind of root somewhere that we
> could delete and get rid of them, but as you said, I will
> look at it as simply files and folders.
>
> I wish there was a utility out there that could easily do
> this for us and just simply nuke the directory..
> unfortunately haven't found any.
>
> thanks for your help! I will post again if I meet any
> problems, hope you can check on here once in a while for
> next day or so...hehehehehe!
>
> Tom
>
>
> >-----Original Message-----
> >"Tom Valenzuela" <tomvalenz@sympatico.ca> wrote in message
> >news:61ae01c326b5$edd3e990$a301280a@phx.gbl...
> >> ok, questions. Map a drive to root of what?
> >
> >The Physical disk on the remote server that holds the
> offending folders.
> >
> >Forget about the homepage, FTP or Web side of things -
> just deal at the
> >simplest level of the disk folders themselves.
> >
> >Ok - so you have a remote desktop session to the server.
> The you do not need
> >to do any mapping.
> >Just logon to the remote desktop as the server
> Administrator and then take
> >ownership of the folders and then reset the permissions
> and delete.
> >
> >-- 
> >Regards,
> >
> >Mike
> >--
> >Mike Brannigan [Microsoft]
> >
> >This posting is provided "AS IS" with no warranties, and
> confers no
> >rights
> >
> >Please note I cannot respond to e-mailed questions.
> >Please use these newsgroups
> >
> >"Tom Valenzuela" <tomvalenz@sympatico.ca> wrote in message
> >news:61ae01c326b5$edd3e990$a301280a@phx.gbl...
> >> ok, questions. Map a drive to root of what? the
> homepage?
> >> or to the c:\. i have accessed the folder and changed
> >> permission and stuff on it all way down the tree using
> the
> >> bullets and stuff but still says permission denied, is
> >> this because i didn't map a drive? I assume you meant to
> >> c:\
> >>
> >> The directory i am trying to delete in the root of our
> >> homepage is \  \, like that... and in the logs for it
> this
> >> directory is seen created as \++\.. Even after changing
> >> owner and stuff says permission denied or it craps out
> >> while trying to change the permission somewhere down the
> >> hierarchy of this folder.
> >>
> >> I am doing this via remote desktop...
> >>
> >> Thanks for your fast response.
> >> Tom
> >>
> >> >-----Original Message-----
> >> >Tom,
> >> >
> >> >This has nothing to do with POSIX commands.
> >> >
> >> >All you need do is take ownership of the folders/files
> >> and then reset the
> >> >permissions on them (which you can now do as you re the
> >> owner even though
> >> >you may not have permissions to begin with).
> >> >Give your self Full Control and ensure that they are
> >> propagated to all child
> >> >files and folders (you will be asked if this is what
> you
> >> want to do).
> >> >Then just delete them.
> >> >
> >> >You can do this by mapping a drive to the root of the
> >> disk volume which by
> >> >default exists as the admin share <drive letter>$
> e.g. F$
> >> >
> >> >You should do all of the is under an administrative
> >> account.
> >> >
> >> >Taking ownership and resetting file permissions are
> >> covered in the online
> >> >help for your OS.
> >> >
> >> >-- 
> >> >Regards,
> >> >
> >> >Mike
> >> >--
> >> >Mike Brannigan [Microsoft]
> >> >
> >> >This posting is provided "AS IS" with no warranties,
> and
> >> confers no
> >> >rights
> >> >
> >> >Please note I cannot respond to e-mailed questions.
> >> >Please use these newsgroups
> >> >
> >> >"Tom" <tomvalenz@sympatico.ca> wrote in message
> >> >news:050401c326a6$ce9ae470$a001280a@phx.gbl...
> >> >> I got directories someone created after someone gave
> R/W
> >> >> to anonymous FTP, doh. Fixed that issue but i have
> >> >> directories I can't delete and give me permission
> denied
> >> >> or an error if I try and access them. I've read KB
> >> article
> >> >> on MS about Posix commands. They don't work. Can't
> find
> >> >> process or returns a 'failed' message. I'm doing this
> >> all
> >> >> via Remote Desktop as server is over 1 hour away.
> >> Someone
> >> >> else said environment variables have to be set.. Hmm,
> >> gee
> >> >> where is that documented as I looked in the Posix
> >> >> manual... I'd really appreciate it if someone can
> tell
> >> me
> >> >> how to get rid of these directories. We closed our
> FTP
> >> and
> >> >> I have checked user rights/groups and stuff, nothing
> out
> >> >> of the ordinary. But as Administrator you think I'd
> just
> >> >> click on em and delete em...but no.
> >> >>
> >> >> We are pursuing the hacker in GERMANY. Whoever it is,
> >> >> trust me, you hacked the wrong site. You're good,
> but I
> >> >> have 3 layers of logging on.. I got you tracked
> biatch!
> >> >>
> >> >> I'm looking for a utility that can go and delete
> these
> >> >> directories or someone who really actually knows how
> to
> >> >> use the posix commands to remove the directories.
> >> >
> >> >
> >> >.
> >> >
> >
> >
> >.
> >