February 28, 2013, 12:57 PM
Ok, so I'll update and explain further.
We have IT, the steps are ongoing. We've reported to the authorities. Beer flows.
This is about pounding an 'effing coffin nail into some dumb shit that needs it.
Here's what I know (or think I know).
The Mac is the source. It had Vuze, as well as the possibility of someone just clicking the wrong link.
From what I understand, it went from said Mac (not on the domain) into computers on the domain.
After that they appear to have access to everything, they encrypted the server HDDs.
It looks like a total compromise to me... rootkits etc... but I don't know, I'm trying to find out what paranoia level to escalate to.
So I've got that Mac, and it was not cleaned from what I know... so I'm going to run it in a closed environment and see what pops up...
Back to the original question... Imma run Snort on the sandbox router, and SolarWinds elsewhere... any advice on other stuff? I'm going to run all the anti-malware/virus usuals... HijackThis etc...
Last edited by BrainEater; February 28, 2013 at