Illegal file names on a Windows 2000 server

Posted on 2003-01-02
Last Modified: 2012-06-08
I have a 2K server that was left wide open for ftp.  It has now been 'hacked' and I have about 9GB space that has disappeared to files with illegal names for the files and directories.  They appear to be Mac file names.  I've tried a couple of utilites to rename the files so that I can delete them.  There must be a better way.  I once knew the dos del command that would let me delete files with a space at the end or beginning of a file or diretory name.  Any ideas?
Question by:dpreynolds

    Accepted Solution

    i recently had this happen...ugh.  if you have information in your ftp directory you want to keep you'll need to move it to another folder.  stop the ftp site.  from the command line use the RD /S /Q command. the /S deletes all subfolders and the /Q supresses the OK prompts. RD /? will give you the full proper syntax.  you'll need to delete the entire root folder because you can't "see" the corrupt folder.  after it's deleted recreate the folder, copy all your saved ftp data back and apply some security.  
    LVL 44

    Expert Comment

    Try this open a command window and do this

    Open a CMD.EXE window.
    CD to the top of the mess.
    Use: DIR /X /A   to see the SHORT FILE NAMES of the files and directories there.
    Use a combination of CD, RD, and DEL and the SHORT FILES names reported with DIR /X to delete your way to the bottom and then back up the tree removing the files on the way down and the directories on the way up.
    Most likely there is NOT a protection issue here so you shouldn't need worry about ownership or file protections.

    How to Remove Files with Reserved Names in Windows;en-us;120716

    The Crazy One

    Expert Comment

    you can work your way back using the commands from crazyone however if your FTP directory is like mine was (full of directories with no names, symbols and some credits to the author totally about 25+ sub directories) it will be painfully time consuming.  crazyone is absolutely correct about file ownership and protection.

    Author Comment

    Good suggestion.  I actually did not get to try to solution although it should have worked.  I was able to delete the files by connecting to the server with a Mac client and the files could just be deleted.  

    Expert Comment

    We had a couple of servers that were left open to anonymous users with write permissions enabled for the ftp server. People took advantage of the open state of the IIS boxes and imediately started to fill the drives with gigs and gigs of data, ranging from .mp3s to full length ripped dvds.  The directory structure was confounding, with ascii characters, blank directories, system reserved naming, and just plain ugly hierarchy. It took me a few days of research to finally find an easy solution of deleting these files which could not be dealt with any conventional form of file removal. I tried everything - even the Microsoft solution did not work for me (suprize!).

    After reading this thread (and several others) I had an Idea, tried it, and poof - all the files and directories are gone! No need for the tedious cd, ren, dir /x stuff that was so frustrating - and did not work.

    Here's what I did:

    Stopped the IIS services
    Copied the APPS\POSIX directory from the Windows 2000 Resource Kit CD to the server
    renamed c:\inetpub\ftproot to c:\inetpub\crap
    moved the c:\inetpub\crap directory into the POSIX directory
    Opened a command prompt and executed:
    C:\POSIX\rm -r crap

    POOF!!! In an instant (well, not really, it deleted over 30 Gb of data) everything was gone in that hideous directory!

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    Cursor typing problems 5 17
    windows 2000 3 417
    Remote Desktop Software 6 438
    Active Directory Replication 10 1,121
    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now