System Commands
P1: Restore basic user-level system commands to correct functionality.
M1: Restore system-level binaries to correct functionality.
D1: Fully restore all command functions.

Scheduled Tasks
P2: Review and remove obvious malicious scheduled tasks.
M2: Identify and remove condition-based automated tasks.
D2: Review and remove deeply embedded malicious system tasks.

Update and Package Management
P3: Update and upgrade packages.
M3: Remove restrictions on firewall installation.

Firewall and Network Security
M4: Install a firewall and configure it to block malicious traffic.

User and Group Management
P4: Remove obvious malicious users and secure legitimate users.
M5: Identify and remove hidden malicious users.
D3: Implement secure user password and hashing policies.

SSH Security
P5: Configure secure SSH settings, allowing legitimate users to use their SSH keys.
M6: Remove malicious SSH settings and configurations.
D4: Terminate and block malicious SSH sessions.

Malicious Programs and Software
P6: Remove any bind or reverse shells.
M7: Identify and remove password loggers.
D5: Find the rest of the malicious threats.

Folder and File Permissions
P7: Ensure critical files have correct permissions.

FTP Security
P8: Configure secure FTP settings and allow users to access the FTP server.
M8: Restrict access to users or groups.

Verbal Pass Off
P9: Successfully answer two pass-off questions chosen by the TA.