Compromised (Linux) Server Lockdown: Hands-On Workshop (separate registration is required)

Tuesday, April 10 | 8:30AM–12:00PM ET | Maryland Ballroom F, Fifth Floor
Session Type: Additional Fee Program
Delivery Format: Preconference Workshop
This hands-on Linux host-based workshop will be run completely on the Virginia Cyber Range ( cloud. In this intermediate-level Linux security workshop, participants will get a bot-infected Linux server to secure and a trusted audit server to scan/test from. This compromised server lab provides a set of exploratory guidelines but requires beginner to intermediate-level Linux command line/networking skills. The end goal is to discover and document the nature of the system infection, stabilize the systems, and then "mop up" the infected system (if possible) to achieve a functionally secure, yet untrusted, configuration.

  • Learn how to scan and detect abnormal network port bindings
  • Learn how to clean up and secure an infected Linux network server using package managers
  • Be able to ensure the system state is stable enough to begin data migration to a freshly provisioned system

  • Requirements: Must bring a wifi/HTML5-browser enabled laptop. Highly recommend bringing a power supply and power cord.


  • Tweeks Weeks

    Director of Future Technology & Communities, Virginia Tech