Security Incidents mailing list archives

RE: forcdos.exe = serv-u....


From: "Mortis" <m0rtis () adelphia net>
Date: Tue, 9 Dec 2003 20:38:25 -0500

It's pretty hard to make sense out of this thread.  Too many
contradictions and assumptions.  I know this link was just
posted, but it's worth a repeat.

http://www.catb.org/~esr/faqs/smart-questions.html

> The files have now been accessed and removed.

Do you know how they got in, and have you corrected it?  If
not, getting a copy of the malware is not your top priority.
Unplugging the network cable is.

http://www.honeypots.net/incidents/links

> In the end, knowing the path, we set up a ftp server on the box, ...
>
> also a second method to retrieve the files (cheers Axel) i later found out
> was to simply use CMD! cd straight into the directory under the com1 dir -
> and if needed attrib -h and copy to another directory. (easy when you know
> how, hi)

Nice of Axel to STFW for you.

http://www.google.com/search?q=rename+directory+com1
http://www.google.com/search?q=folder+com1
http://groups.google.com/groups?q=folder+com1

I did this last week.  I guess I forgot to tell you the
answer.  Early Alzheimer's.  ADD.  Too fscking lazy.
Whatever.

Use \\.\drive:\path\file
Use posix commands from the win2k resource kit
Use dir \x to get a long name and use that
Use a shell port like cygwin
Use ftp
Boot Unix from CD and go nuts
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q120716
--
Gratefully dead,
Mortis
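The reserved-device-name trick behind this thread (a drop directory called com1 that Explorer and ordinary cmd paths cannot open) can be hunted for from the defender's side. The following is an added example, not code from the poster or the list: it walks a tree such as an FTP home for entries named after Win32 device names and builds the `\\.\` form of a path that the post recommends for reaching them. The sample tree it constructs is hypothetical.

```python
import os
import re
import tempfile
from pathlib import PureWindowsPath

# Names the Win32 layer treats as devices in any directory, with or without
# an extension: CON, PRN, AUX, NUL, COM1-COM9, LPT1-LPT9. Trailing spaces and
# dots are ignored by Windows, so they are stripped before matching.
_RESERVED = re.compile(r"^(con|prn|aux|nul|com[1-9]|lpt[1-9])(\..*)?$", re.IGNORECASE)


def is_reserved_name(name: str) -> bool:
    """True if a file or directory name is a Win32 device name."""
    return bool(_RESERVED.match(name.rstrip(" .")))


def find_reserved_entries(root: str) -> list:
    """Return root-relative, '/'-separated paths of every entry with a reserved name."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            if is_reserved_name(name):
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                hits.append(rel.replace(os.sep, "/"))
    return sorted(hits)


def device_path(win_path: str) -> str:
    r"""Prefix an absolute drive path with \\.\ so the reserved-name parsing is bypassed."""
    if win_path.startswith(("\\\\.\\", "\\\\?\\")):
        return win_path
    p = PureWindowsPath(win_path)
    if not p.drive or not p.root:
        raise ValueError("need an absolute drive path such as C:\\ftp\\com1")
    return "\\\\.\\" + str(p)


def make_sample_tree() -> str:
    """Constructed sample FTP home: one com1 drop directory and one aux.dat file."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "pub", "com1"))
    os.makedirs(os.path.join(root, "pub", "incoming"))
    for rel in ("pub/com1/loot.exe", "pub/readme.txt", "pub/incoming/aux.dat"):
        open(os.path.join(root, *rel.split("/")), "w").close()
    return root


if __name__ == "__main__":
    for hit in find_reserved_entries(make_sample_tree()):
        print("reserved-name entry:", hit, "->", device_path("C:\\ftp\\" + hit.replace("/", "\\")))
```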

