Major File Permissions Problem

[ToKeN]

Okay, someone hacked into my Win32 FTP server. This is whats happening:

They made directories not even visable in Firefox (ftp://andy.tcdextreme.com). These are full of their files filling up my HDD. Now Windows tells me I dont have permission to access these folders/files on my server. I booted into Knoppix Linux hoping to delete the files that way, It let me read the files (I seen they uploaded Kill Nill etc..) but when I try and delete I dont even have permission that way... even though in Windows I set EVERYONE to FULL permissions. And yes im logging in using administrator etc.

 

[HoLoCroN]

Check the ownership of the files. If you have to "Take Ownership" of them and then reset the permissions and delete those files from your drive.

Unfortunately, worste case scenario, you might have to reformat your drive and begin from scratch.

Also make sure you PC's Operating System is up to date with the security patches as well as any FTP software that you might be using.

 

[fitzjj]

like holocron said you need to take ownership of the directories. Do this by right clicking > sharing and security... > security > advanced. Under the owner tab you want to change the owner back....

...but before you do all of that it is likely there is a trojan on your compuer that has given a remote SID ownership of the files. Do a virus scan and remove any dodgy looking files. When you take ownership of the files make sure that you recurse through the directory and take ownership of all of the files in your ftp server and not just the one.

you should never give 'Everyone' write permission to your FTP site, in fact you should be very selective as to who you give write permission to. I personally give no one write permission and allow only anonymous access. If you do give people write permission you should perhaps consider getting them to change their passwords, perhaps one of them got compremised.