Security Basics mailing list archives
Re: MS IIS 5 server is hacked leaving undeletable folders and files
From: Mike Arnold <mike () midkaemia fsnet co uk>
Date: Wed, 1 Jan 2003 23:01:13 +0000
On Tuesday 31 December 2002 4:54 pm, Don Phillipe wrote:
I have a small server I use for my home business and use it mainly for anyone who needs to send a large file that will not go through email. I have an anonymous UPLOAD FTP account that I open up to receive these. From time to time I forget and leave this open (I know this is stupid but I thought I could just erase anything that was put there because the small drive would fill up real soon). However, I see someone has hacked into my server and put a bunch of trash that I cannot delete because when I try to delete it, Windows 2K says "cannot find the specified file". I have spent 2 days researching this and cannot find any reference of how to correct this. I did find some reference to looking at the security tab for these files but the security tab is missing! I found some tools which are supposed to set owners for files and they don't work on these files. Here is the log from where the hacker attacked below. Any help would be appreciated. I don't want to have to rebuild my server if possible:
If you have access to a linux bootable cd/floppy you can delete it in that. Must have NTFS support though. I have done this before using this technique, took 2 minutes. Cheers -- By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest. --Confucius
Current thread:
- RE: MS IIS 5 server is hacked leaving undeletable folders and files Optrics Engineering - Shaun Sturby, MCSE (Jan 02)
- <Possible follow-ups>
- Re: MS IIS 5 server is hacked leaving undeletable folders and files khayes (Jan 02)
- Re: MS IIS 5 server is hacked leaving undeletable folders and files Mike Arnold (Jan 02)
- Re: MS IIS 5 server is hacked leaving undeletable folders and files Stelian Popescu-Crainic (Jan 02)
- RE: MS IIS 5 server is hacked leaving undeletable folders and files Jimmy Sansi (Jan 02)