Compromised (Linux) Server Lockdown: Hands-On Workshop (separate registration is required)
Compromised (Linux) Server Lockdown: Hands-On Workshop (separate registration is required)
Tuesday, April 10 | 8:30AM–12:00PM ET | Maryland Ballroom F, Fifth Floor
Session Type:
Additional Fee Program
Delivery Format:
Preconference Workshop
This hands-on Linux host-based workshop will be run completely on the Virginia Cyber Range (virginiacyberrange.org) cloud. In this intermediate-level Linux security workshop, participants will get a bot-infected Linux server to secure and a trusted audit server to scan/test from. This compromised server lab provides a set of exploratory guidelines but requires beginner to intermediate-level Linux command line/networking skills. The end goal is to discover and document the nature of the system infection, stabilize the systems, and then "mop up" the infected system (if possible) to achieve a functionally secure, yet untrusted, configuration.
Outcomes:
Learn how to scan and detect abnormal network port bindings
Learn how to clean up and secure an infected Linux network server using package managers
Be able to ensure the system state is stable enough to begin data migration to a freshly provisioned system
Requirements: Must bring a wifi/HTML5-browser enabled laptop. Highly recommend bringing a power supply and power cord.
Presenters
Tweeks Weeks
Director of Future Technology & Communities, Virginia Tech