RE: pubdestroyer2001.exe via anonymous FTP?

From: Chip McClure (vhm3at_private)
Date: Thu Sep 27 2001 - 13:18:45 PDT


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    Under NTFS, there's no way that I know of to get rid of a directory, or
    filename, that contains any reserved filename. In the old days, with FAT,
    FAT32, or whatever else, I had the same problem - went in with a hex
    editor in the FAT tables and renamed it. If there are any tools like that
    for NT/2K, that would be the only solution I could think of.
    
    Creating the file is a different story. The OS will let you create any
    file, with any name. Even with security processes in place on NT, you
    might be able to thwart it on normal users, but since IIS runs as a system
    privileged account - there's no way around that.
    
    - -----
    Chip McClure
    Sr Unix Administrator
    GigGuardian, Inc.
    
    http://www.gigguardian.com
    - -----
    
    On Thu, 27 Sep 2001, Slivkoff, Michael M wrote:
    
    > I had a problem like this.  I had an upload directory on anonymous ftp that
    > was set write only.  Some wonderful person tagged it with a directory called
    > com1.  Couldn't get rid of it for the life of me (win2k system).  I still
    > have a write only anonymous upload directory, but I disabled directory
    > create.  Anyone know how to get rid of a directory named with a
    > system-reserved name? Other than deleting the drive.  And how would you
    > create it in the first place?
    >
    > -----Original Message-----
    > From: Patrick Andry [mailto:pandryat_private]
    > Sent: Thursday, September 27, 2001 12:47 PM
    > To: Mike Shaw
    > Cc: incidentsat_private
    > Subject: Re: pubdestroyer2001.exe via anonymous FTP?
    >
    >
    > Mike Shaw wrote:
    >
    > > I'm working with someone who had unwittingly left an anonymous ftp
    > > server available to the 'net with write access.
    > >
    > > The good news: nice mp3 and Divx collection.
    > > The bad news: In the root there was a file named pubdestroyer2001.exe
    > > that we had some trouble deleting.  There were many spaces at
    > > the end of the file name.  We were able to nix it by deleting the 8.3
    > > file name.
    > >
    > > Has anyone seen this before?  Anyone interested in a copy of the file?
    > >
    > > Thanks
    > > -Mike
    > >
    > >
    > >
    > ----------------------------------------------------------------------------
    >
    > >
    > > This list is provided by the SecurityFocus ARIS analyzer service.
    > > For more information on this free incident handling, management and
    > > tracking system please see: http://aris.securityfocus.com
    >
    > Undeletable files are a norm among warez sites.  Also hidden and/or
    > undeletable directories are also a trademark.  There was a discussion
    > here about it a few months back.  Essentially, it's a last ditch effort
    > to prevent the sysadmin from cutting off the warez ftp.  Usually keeps
    > the site going for a few minutes extra :)
    >
    >
    >
    >
    >
    
    -----BEGIN PGP SIGNATURE-----
    Version: PGP 6.5.8
    Comment: Made with pgp4pine 1.76
    
    iQA/AwUBO7OJqIxq/3tb9j7EEQJA5wCdEsbzQBE2yMb5bT7xQ9Xhy4D8x+kAnAmr
    4A7SJWOxVODvEumILxKEN/tu
    =3cOp
    -----END PGP SIGNATURE-----
    
    
    
    



    This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 13:33:12 PDT
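
An added example, not part of the original thread: a Python check an FTP administrator could run on upload names (at upload time or over a directory listing) to flag the two cases discussed above, reserved device names such as com1 and names padded with trailing spaces. The function names and sample paths are constructed for illustration.

```python
import re

# Win32 reserved DOS device names, matched case-insensitively.
RESERVED = re.compile(r"^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])$", re.IGNORECASE)


def name_problems(component):
    """Return the reasons one path component is hard to manage with Win32 tools."""
    problems = []
    # Win32 path normalization strips trailing spaces and dots, so ordinary
    # tools address a different name than the one actually stored on disk.
    if component not in (".", "..") and component != component.rstrip(" ."):
        problems.append("trailing space or dot")
    # The device check uses the part before the first dot: "lpt3.zip" is still LPT3.
    base = component.split(".", 1)[0].rstrip(" ")
    if RESERVED.match(base):
        problems.append("reserved device name")
    return problems


def audit_listing(paths):
    """Map each flagged path ('/'-separated, as in FTP listings) to its problems."""
    flagged = {}
    for path in paths:
        reasons = []
        for part in path.split("/"):
            for reason in name_problems(part):
                if reason not in reasons:
                    reasons.append(reason)
        if reasons:
            flagged[path] = reasons
    return flagged


# Constructed sample listing of an anonymous upload area.
SAMPLE = [
    "incoming/com1",
    "pubdestroyer2001.exe      ",
    "incoming/readme.txt",
    "incoming/COM1 /x.mp3",
    "incoming/lpt3.zip",
    "incoming/common.txt",
]

if __name__ == "__main__":
    for path, reasons in audit_listing(SAMPLE).items():
        print(repr(path), "->", ", ".join(reasons))
```

Rejecting flagged names in the FTP server's upload and mkdir handlers keeps them from reaching the disk; run against an existing listing, the same check locates entries that need cleanup.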