?
Solved

Server Hacked and can't delete folders placed on it HELP

Posted on 2004-09-22
3
Medium Priority
?
394 Views
Last Modified: 2010-08-05
OK I know I should have had secure account set up on my IIS 5 ftp server, but I didn't and now I am paying the price.  Someone logged in anomyously on my server and created a folder with no name.  I mean it is just blank in the name, but it shows up blank as a directory in the command line also.  I have tried to delete the folder but all I get is folder or file cannot be found.  Please help me get rid of this folder and all of its subcontents.  If you need more information please ask.
0
Comment
Question by:jk9694
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
darkdrago earned 1500 total points
ID: 12128403
well you could probably use something like knoppix to delete the folder
http://www.knoppix.org/
that would probably be the easiest thing to do
0
 
LVL 1

Author Comment

by:jk9694
ID: 12128593
Great that worked and i figured worse comes to worse I could just reformat the drive I do keep really good backups.  What or how can a folder/directory be created that shows up like that?  I was able to browse the folder, but like i said deleting was impossible even as the administrator.
0
 
LVL 1

Expert Comment

by:darkdrago
ID: 12145187
sorry about the long delay as I am currently getting ready to move.
I dont believe that is was you didnt have permission to delete it. I think it was a bug in windows itself. I remember back in windows 98 days (or at least that was when I heard of it) that you could name a folder with a certain ascii code and it couldnt be deleted via gui and possible commandline.
Now for this person to do something like that on your box they may have gotten a local console and did it or probably used a *nix os got into the system then just made it remotely. There are probably other ways but I dont know off hand.
found a couple more things to that you might want to look at just for reference.
http://support.microsoft.com/default.aspx?scid=kb;en-us;120716
http://support.microsoft.com/default.aspx?scid=kb;en-us;320081
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question