Show page

Differences

This shows you the differences between two versions of the page.

--- isc:labs:06 [2024/11/11 10:50]
vlad_iulius.nastase
+++ isc:labs:06 [2024/11/11 14:43] (current)
vlad_iulius.nastase
@@ Line 27: / Line 27: @@
 If needed, we will also use [[https://cloud.grid.pub.ro/|Openstack]] (limited capacity). Use the ''%%isc_prj%%'' project and start a VM with the following specifications:
-  * Source: Volume Snapshot -> ''%%snapshot for ISC Malware Lab%%'' (**also check ''%%Yes%%'' where it says "Delete Volume on Instance Delete"**)
+  * Source: ''%%ISC Malware Lab%%''
-  * Flavor: ''%%m1.xxlarge%%''
+  * Flavor: ''%%m1.isc_malware_lab%%''
 You don't need to specify an SSH key, we will be using the browser console to interact with the virtual machine.
@@ Line 159: / Line 159: @@
-Ransomware is a type of malware that encrypts documents and files on your computer, demanding a ransom to obtain a decryption key or program. In our case, the entire content of the ''%%very_important_documents%%'' folder on your Desktop has been encrypted.
+Ransomware is a type of malware that encrypts documents and files on your computer, demanding a ransom to obtain a decryption key or program. In our case, the entire content of the ''%%very_secret_documents%%'' folder on your Desktop has been encrypted.
 But is there any way you can recover those files? Since we presume the attacker has a decryption key for your files, that means the ransomware must communicate in some way. Try and use Wireshark to see if any traffic seems out of the ordinary.

isc/labs/06.1731315005.txt.gz · Last modified: 2024/11/11 10:50 by vlad_iulius.nastase

Lectures