Thread: Sandboxing
February 27, 2013, 03:13 PM
BrainEater


OK, so some dumb asshole decided it would be cool/fun/whatever to hack the servers of a business, and kill 3 days of production. Drinkers of the whole world unite, let's find this little bastard and beat 'em with a bottle...!

Here's the short version (and I don't know the whole story yet):

We *had* a Mac G4 on our network used for music. Apparently, it was also used for the Vuze BitTorrent client... this is where it gets fuzzy... Possibly through Vuze, or maybe just from a corrupted YouTube link (or whatever, uncontrolled machine), someone gained complete control... they went from a machine not on the domain right into our 'on-the-domain' servers, encrypted our HDDs, and then demanded ransom.

I have the 'infected, unaltered' machine, I believe, and I'm setting up a sandbox to run it in with something like SolarWinds going.

I've also got a free PF router and switch setup. I want to record every single byte of data in and out of this rig.

Any sandboxing/whitehat tips?


Last edited by BrainEater; February 28, 2013 at 01:40 PM.