From owner-freebsd-questions@FreeBSD.ORG Sat Jun 23 06:36:47 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A114A106566B for ; Sat, 23 Jun 2012 06:36:47 +0000 (UTC) (envelope-from erichfreebsdlist@ovitrap.com) Received: from alogreentechnologies.com (alogreentechnologies.com [67.212.224.110]) by mx1.freebsd.org (Postfix) with ESMTP id 5277B8FC08 for ; Sat, 23 Jun 2012 06:36:47 +0000 (UTC) Received: from x220.ovitrap.com ([122.129.201.75]) (authenticated bits=0) by alogreentechnologies.com (8.13.1/8.13.1) with ESMTP id q5N6ahtg008272; Sat, 23 Jun 2012 00:36:46 -0600 From: Erich Dollansky To: RetspaN Code , freebsd-questions@freebsd.org Date: Sat, 23 Jun 2012 13:36:42 +0700 User-Agent: KMail/1.13.7 (FreeBSD/10.0-CURRENT; KDE/4.8.3; amd64; ; ) References: <1340379530.49640.YahooMailNeo@web190402.mail.sg3.yahoo.com> <201206231315.28209.erich@alogreentechnologies.com> <1340432642.15254.YahooMailNeo@web190405.mail.sg3.yahoo.com> In-Reply-To: <1340432642.15254.YahooMailNeo@web190405.mail.sg3.yahoo.com> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201206231336.42768.erichfreebsdlist@ovitrap.com> Cc: Subject: Re: I have a problem to my server running under FreeBSD 8.1 p-1 release X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2012 06:36:47 -0000 Hi, On Saturday 23 June 2012 13:24:02 RetspaN Code wrote: > Hello, > > Intruder already block, but my problem is the intruder before they get > block they load their exploit file to my machine that cause of my machine > /usr/src directory is set to read only i can't upload or put any file on > that folder saying permission denied. How to repair some of my files are > need to update. specially freebsd files. the user intruder can't login > anymore to the machine thru terminal using root access coz direct root > login access is disabled already. and ttys also set to IS or "insecure". > So my problem now is this how to fix that issue? so that i can update my > server machine to the latest. i want to upgrade my 8.1 to 9.0 it is > possible without problem after updates? chmod would be your friend. But you still do not know what kind of software is now running outside of your control. I would not even trust the compiler or even ls anymore on such a system. erich