Thread: Sandboxing
February 27, 2013, 02:13 PM
BrainEater

Mhhrmmm

OK, so some dumb asshole decided it would be cool/fun/whatever to hack the servers of a business, and kill 3 days of production. Drinkers of the whole world unite, let's find this little bastard and beat 'em with a bottle.... !~!

Here's the short version : (and I don't know the whole story yet)

We *had* a Mac G4 on our network used for music. Apparently, it was also used for the Vuze BitTorrent client... this is where it gets fuzzy... Possibly thru Vuze, or mebbie just from a corrupted YouTube link (or whatever, uncontrolled machine), someone gained complete control... they went from a machine not on the domain, right into our 'on-the-domain' servers, and encrypted our HDDs and then demanded ransom.

I have the 'infected, unaltered' machine I believe, and I'm setting up a sandbox to run it in with something like SolarWinds going.

I've also got a free PF router and switch setup. I want to record every single byte of data in and out of this rig.

Any sandboxing/whitehat tips?

TYIA

Ross


Last edited by BrainEater; February 28, 2013 at 12:40 PM.