ok, here's the deal. I have been working for this company for sometime, and have been telling them that they needed to get on the security bandwagon but they have been pretty much responded with indifference... until now.

Seems that their FTP site has been passed around by the "underground" like a $2 whore on shore leave.

We have several "tagged" directories with a lot of 0-day stuff in them. I have now been tasked with cleaning up this mess. I started with the basics. Installing every patch I could find, running IIS lockdown, and even disabling FTP access to our site. NOW here comes the difficult part, at least for me.

I can't seem to remove these tagged directories. They look something like this:

website root <dir>
tagged <dir>
by <dir>
a persons name <dir>
4 group name <dir>
com <dir> sometimes aux <dir>

Now I can't remove these directories, nor can I actually traverse them in explorer or from the command prompt. I also noticed in a couple of the directories that the "." and sometimes the ".." directories are missing or not listed.

Any help would be greatly appreciated. I can't boot from DOS as this machine is all NTFS and I don't have the NTFS boot software that's floating around out there.

This is also really causing a problem because their email server is running on this machine and there is no hard drive space left to create the virutal dirs needed to run email. There are approximately 5-6 GB of stuff on here that I need to get rid of yesterday

I can be reached at [email protected] if you wish to use email, or just post your ideas in here... I really need help here folks.


TIA,

El Diablo