COM1 Foler HACKER!!!
Posted on 2003-11-03
SORRY, I Only have 150 points...I still really need some assistance
I have a slightly different twist. When i try to delete the COM1 dir, I get:
Directory of C:\Inetpub\ftproot
11/03/2003 08:29p <DIR> .
11/03/2003 08:29p <DIR> ..
11/03/2003 04:10p <DIR> COM1
11/09/2000 11:23p 24,576 ForceDel.exe
11/03/2003 08:29p <DIR> NtSystemInfo
11/03/2003 08:20p 56 trash.bat
11/03/2003 08:20p 87 trash2.bat
3 File(s) 24,719 bytes
4 Dir(s) 810,123,264 bytes free
The filename, directory name, or volume label syntax is incorrect.
For a little more detail, read on:
I know very little about hacking or the like. I have a problem I hope someone can help me with.
My FTP server is getting modified by someone or something. I am running IIS on win2k server. I have NAV Corporate Edition 2.7. I have a hardware-based firewall with ports open for FTP, SMTP, POP, HTTP and Terminal Services. I also have Exchange Server running.
Basically, my FTP site in IIS either has its Home Directory changed to some odd path pointing to a COM1 directory-This directory cannot be deleted. Sometimes the FTP server is stoppped and a version of serv-u is started on its port of 21. One time, my FTP server had its port changed to 51 and the serv-u took port 21.
I have tried POSIX - keeps telling me that the process cannot start and FPORT which has been useful to track serv-u.
I don't know what else to do. Everytime I seem to clear it up, it comes back.
David H. Little
Chief Technology Officer