Good note. I found the same thing is possible in unix. Try deleteing a directory called $HOME. However, you can just use the dos syntax in the note rather then posix: rmdir \\.\c:\temp\com1 or substitute the c:\temp\com1 with the directory that offends you. I just tried it and it works quite well (both the mkdir and rmdir work). ---K "Benninghoff, John" wrote: > You can remove files like this using the POSIX subsystem. > > http://support.microsoft.com/support/kb/articles/Q120/7/16.asp > > -----Original Message----- > From: Slivkoff, Michael M [mailto:michael.slivkoffat_private] > Sent: Thursday, September 27, 2001 1:49 PM > To: 'incidentsat_private' > Subject: RE: pubdestroyer2001.exe via anonymous FTP? > > I had a problem like this. I had an upload directory on anonymous ftp > that > was set write only. Some wonderful person tagged it with a directory > called > com1. Couldn't get rid of it for the life of me (win2k system). I > still > have a write only anonymous upload directory, but I disabled directory > create. Anyone know how to get rid of a directory named with a > system-reserved name? Other than deleting the drive. And how would you > create it in the first place? > > -----Original Message----- > From: Patrick Andry [mailto:pandryat_private] > Sent: Thursday, September 27, 2001 12:47 PM > To: Mike Shaw > Cc: incidentsat_private > Subject: Re: pubdestroyer2001.exe via anonymous FTP? > > Mike Shaw wrote: > > > I'm working with someone who had unwittingly left an anonymous ftp > > server available to the 'net with write access. > > > > The good news: nice mp3 and Divx collection. > > The bad news: In the root there was a file named pubdestroyer2001.exe > > that we had some trouble deleting. There were many spaces at > > the end of the file name. We were able to nix it by deleting the 8.3 > > file name. > > > > Has anyone seen this before? Anyone interested in a copy of the file? > > > > Thanks > > -Mike > > > > > > > ------------------------------------------------------------------------ > ---- > > > > > This list is provided by the SecurityFocus ARIS analyzer service. > > For more information on this free incident handling, management and > > tracking system please see: http://aris.securityfocus.com > > Undeletable files are a norm among warez sites. Also hidden and/or > undeletable directories are also a trademark. There was a discussion > here about it a few months back. Essentially, it's a last ditch effort > to prevent the sysadmin from cutting off the warez ftp. Usually keeps > the site going for a few minutes extra :) > > ------------------------------------------------------------------------ > ---- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ------------------------------------------------------------------------ > ---- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 19:17:55 PDT