From owner-freebsd-questions@FreeBSD.ORG  Sat Jun 23 06:36:47 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A114A106566B
	for <freebsd-questions@freebsd.org>;
	Sat, 23 Jun 2012 06:36:47 +0000 (UTC)
	(envelope-from erichfreebsdlist@ovitrap.com)
Received: from alogreentechnologies.com (alogreentechnologies.com
	[67.212.224.110])
	by mx1.freebsd.org (Postfix) with ESMTP id 5277B8FC08
	for <freebsd-questions@freebsd.org>;
	Sat, 23 Jun 2012 06:36:47 +0000 (UTC)
Received: from x220.ovitrap.com ([122.129.201.75]) (authenticated bits=0)
	by alogreentechnologies.com (8.13.1/8.13.1) with ESMTP id
	q5N6ahtg008272; Sat, 23 Jun 2012 00:36:46 -0600
From: Erich Dollansky <erichfreebsdlist@ovitrap.com>
To: RetspaN Code <silent24_2007@yahoo.com>, freebsd-questions@freebsd.org
Date: Sat, 23 Jun 2012 13:36:42 +0700
User-Agent: KMail/1.13.7 (FreeBSD/10.0-CURRENT; KDE/4.8.3; amd64; ; )
References: <1340379530.49640.YahooMailNeo@web190402.mail.sg3.yahoo.com>
	<201206231315.28209.erich@alogreentechnologies.com>
	<1340432642.15254.YahooMailNeo@web190405.mail.sg3.yahoo.com>
In-Reply-To: <1340432642.15254.YahooMailNeo@web190405.mail.sg3.yahoo.com>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201206231336.42768.erichfreebsdlist@ovitrap.com>
Cc: 
Subject: Re: I have a problem to my server running under FreeBSD 8.1 p-1
	release
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jun 2012 06:36:47 -0000

Hi,

On Saturday 23 June 2012 13:24:02 RetspaN Code wrote:
> Hello,
> 
> Intruder already block, but my problem is the intruder before they get
> block they load their exploit file to my machine that cause of my machine
> /usr/src directory is set to read only i can't upload or put any file on
> that folder saying permission denied. How to repair some of my files are
> need to update. specially freebsd files. the user intruder can't login
> anymore to the machine thru terminal using root access coz direct root
> login access is disabled already. and ttys also set to IS or "insecure".
> So my problem now is this how to fix that issue? so that i can update my
> server machine to the latest. i want to upgrade my 8.1 to 9.0 it is
> possible without problem after updates?

chmod would be your friend.

But you still do not know what kind of software is now running outside of your 
control.

I would not even trust the compiler or even ls anymore on such a system.

erich