Thread: Sandboxing
February 28, 2013, 01:57 PM
BrainEater
Hall Of Fame
Join Date: Mar 2007
Location: Calgary
Posts: 2,742

Ok, so I'll update and explain further.

We have IT, the steps are ongoing. We've reported to the authorities. Beer flows.


This is about pounding an 'effing coffin nail into some dumb shit that needs it.

Here's what I know (or think I know).

The Mac is the source. It had Vuze, as well as the possibility of someone just clicking the wrong link.

From what I understand, it went from said Mac (not on the domain) into computers on the domain.

After that they appear to have access to everything, they encrypted the server HDDs.

It looks like a total compromise to me... rootkits etc... but I don't know, I'm trying to find out what paranoia level to escalate to.

So I've got that Mac, and it was not cleaned from what I I'm going to run it in a closed environment and see what pops up...


Back to the original question... Imma run Snort on the sandbox router, and SolarWinds elsewhere... any advice on other stuff?? ... I'm going to run all the anti-malware/virus usuals... HijackThis etc...

Supermicro X11DPi-NT:2x Xeon Gold 6144's:Lots more other stuff.Dual 4k monitor video .

Last edited by BrainEater; February 28, 2013 at 02:21 PM.