We keep getting hacked into......

[FishTaco]

anyone have any suggestions for a decent low level disk editor? im pretty ignorant on the subject.....

[AxessTerminated]

Well, after recieving your PM on the subject, I have collected the following:

FishTaco wrote on Today 06:32 PM:
that makes a lot of sense. do you have a reccomendation for a decent low-level disk editor? also, do you know how i could prevent this in the future? ty

http://www.omnixray.com/
that site has what you should be able to use. (Low Level Disk-Editor)

http://www.sf-soft.de/winhex/disk-editor.html
The above is a disk-editor, but more hex/binary oriented.

As for prevention, there's no way, i know of to prevent the naming of the files as such, the only thing i can think of is getting hold of Portmonster 2.0 for a firewall.
http://www.zingsoftware.com

You may also want to invest in some decent antivirus software...Panda is the best I've found so far. There are also specialized programs for trojan removal to be found on google.

Panda Antivirus also supports free online scanning.
http://www.pandasoftware.com

[stanger]

oh my god...

i will tell you what you did (guess i will)
you ran or are still running an anonymous ftp on a windows machine (NT5)
the folders you are talking about /com1/ / / ... are build on winnt machines from ppl to store things on your machine nobody else should find.

so...if this is the only thing you got ,no problem, switch anonymous ftp off in your iisadmin.
if you need any specific help, just pm me .
if you want to and if you do trust me i will remove the folders for you.

if there is other intrusion you e.g. pointed the ftp the whole world could log in to your (asp????) website.
bad thing.

btw. no need of low level formatting.
only if these ppl are real a**holes and made the files undeletable on nt5 machine you have to format the partition.

[mohaughn]

Originally posted here by AxessTerminated
I have a BAT file here that creates such directories. The directories are out of the Windows GUI ASCII range. Using extended ASCII for the names causes Windows to use spaces, or other such things for the names. They can't be read from source, because the name to Windows is " ", but not to DOS. Remember, Windows is nothing but a GUI (a bad GUI) to DOS.
To delete them, do as an above post said, and get a low-level disk editor, or something of the like to delete them, or to atleast find the names of them, then delete them via command line.

While this was the case with win95, 98, etc .... It is no longer the case with any operating system based on NT. DOS is no longer the underlying operating system.

[sillyman]

I have tagged directories like this on an ftp which i can only access anonymously but i can delete and creat normal directories but i want to remove the tagged ones or view what people are storing on my server how do i delete or access.

[avenger_jcc]

Originally posted here by FishTaco
there is nothing in the folders. we are going to change all of the passwords just for good measure. The folders he made act pretty weird. If i try to navigate through them with a regular window, not windows explorer, the window crashes once i get to a certain folder. i dont have this problem with windows explorer. The names of the folders are prety odd as well. Here is the entire path that was created: C:\DataBackups\ \ \ \lpt3\~\com5\ScanneD \com7\by \com8\fisherman\com2\TaGGeD \com3\by \lpt1\TaGGeD_for_TC\com6\ \with Pappel-MaxPuB-TaGGeR \com3\uPPed \com7\BY \aux\fisherman . The blank spots are folders with no names. pretty weird eh?

THIS part is the Warez directory. I know, a FTP server of mine was once comprimised and this is what was done...

as far as not being able to delete things due to "access denied" close your web/ftp server and try it again...