Re: pubdestroyer2001.exe via anonymous FTP?

From: Kevin Reardon (Kevin.Reardonat_private)
Date: Thu Sep 27 2001 - 18:39:26 PDT


    Good note.  I found the same thing is possible in Unix.  Try deleting a
    directory called $HOME.  However, you can just use the DOS syntax in the note
    rather than POSIX:
                   rmdir \\.\c:\temp\com1
    or substitute the c:\temp\com1 with the directory that offends you.  I just
    tried it and it works quite well (both the mkdir and rmdir work).
    
    
    ---K
    
    "Benninghoff, John" wrote:
    
    > You can remove files like this using the POSIX subsystem.
    >
    > http://support.microsoft.com/support/kb/articles/Q120/7/16.asp
    >
    > -----Original Message-----
    > From: Slivkoff, Michael M [mailto:michael.slivkoffat_private]
    > Sent: Thursday, September 27, 2001 1:49 PM
    > To: 'incidentsat_private'
    > Subject: RE: pubdestroyer2001.exe via anonymous FTP?
    >
    > I had a problem like this.  I had an upload directory on anonymous ftp
    > that was set write only.  Some wonderful person tagged it with a
    > directory called com1.  Couldn't get rid of it for the life of me
    > (win2k system).  I still have a write only anonymous upload directory,
    > but I disabled directory create.  Anyone know how to get rid of a
    > directory named with a system-reserved name? Other than deleting the
    > drive.  And how would you create it in the first place?
    >
    > -----Original Message-----
    > From: Patrick Andry [mailto:pandryat_private]
    > Sent: Thursday, September 27, 2001 12:47 PM
    > To: Mike Shaw
    > Cc: incidentsat_private
    > Subject: Re: pubdestroyer2001.exe via anonymous FTP?
    >
    > Mike Shaw wrote:
    >
    > > I'm working with someone who had unwittingly left an anonymous ftp
    > > server available to the 'net with write access.
    > >
    > > The good news: nice mp3 and Divx collection.
    > > The bad news: In the root there was a file named pubdestroyer2001.exe
    > > that we had some trouble deleting.  There were many spaces at
    > > the end of the file name.  We were able to nix it by deleting the 8.3
    > > file name.
    > >
    > > Has anyone seen this before?  Anyone interested in a copy of the file?
    > >
    > > Thanks
    > > -Mike
    > >
    > >
    > >
    > > ----------------------------------------------------------------------------
    > > This list is provided by the SecurityFocus ARIS analyzer service.
    > > For more information on this free incident handling, management and
    > > tracking system please see: http://aris.securityfocus.com
    >
    > Undeletable files are a norm among warez sites.  Also hidden and/or
    > undeletable directories are also a trademark.  There was a discussion
    > here about it a few months back.  Essentially, it's a last ditch effort
    > to prevent the sysadmin from cutting off the warez ftp.  Usually keeps
    > the site going for a few minutes extra :)
    
    
    




    This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 19:17:55 PDT
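
An added example, not part of the original thread: a Python sketch that an administrator could run over an upload directory to flag the two kinds of names discussed above (a reserved device name such as com1, and a file name with trailing spaces) and to build the `\\.\` form of a path used in the rmdir command. The function names and sample names are assumptions made for this example.

```python
import os
import ntpath

# Win32 reserved DOS device names; they stay reserved when an extension is added.
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{dev}{n}" for dev in ("COM", "LPT") for n in range(1, 10)
}


def win32_name_problems(name):
    """Return reasons why normal Win32 path parsing mishandles `name`."""
    problems = []
    stem = name.split(".", 1)[0].rstrip(" ").upper()
    if stem in RESERVED:
        problems.append("reserved device name")
    if name != name.rstrip(" ."):
        problems.append("trailing space or dot")
    return problems


def device_namespace_path(win_path):
    r"""Prefix a drive-letter path with \\.\ as in the rmdir command above."""
    drive, rest = ntpath.splitdrive(win_path)
    if len(drive) != 2 or drive[1] != ":" or not rest.startswith("\\"):
        raise ValueError("need an absolute path with a drive letter")
    return "\\\\.\\" + win_path


def scan_tree(root):
    """Walk `root`; return (relative path, reasons) for each flagged entry."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            reasons = win32_name_problems(name)
            if reasons:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel, reasons))
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample names modelled on the thread, not real listing output.
    for sample in ["com1", "pubdestroyer2001.exe   ", "readme.txt", "LPT1.txt"]:
        print(repr(sample), win32_name_problems(sample))
    print(device_namespace_path(r"c:\temp\com1"))
```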