a free solo climbing to sanitize virtual machines : linux
Nowadays, when a computer security incident happens, it is crucial to quarantine the machine (physical or virtual) in order to avoid data leaks. Modern malware has multiple stages that exchange information with C&C (Command and Control) servers, so it needs to be mitigated as soon as possible. One possible approach is to monitor the entry points of nodes, for example the application directory (/var/www/<site>/html). Fitz Roy monitors Linux guest filesystems (raw, qcow2, vmdk, vdi, vpc, vhd) relying on libguestfs and VirusTotal's API. libguestfs mounts the virtual machine filesystem, and the tool uploads suspicious files to VirusTotal's API, where they are analyzed and a malware detection report is generated. The project is implemented in C and built with autotools. The tool fits within the DFIR (Digital Forensics and Incident Response) field, since it can be useful in the Eradication and Recovery phases. It can also be used in the Preparation phase to check virtual machine backups.
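As an added illustration of the same workflow (this is not Fitz Roy's own code), the Python sketch below mounts a disk image read-only with libguestfs, hashes every regular file under the web-root entry point, and looks the hashes up against VirusTotal's v3 API instead of uploading the files, so nothing leaves the host unless it is already known to VirusTotal. It assumes the python3-libguestfs bindings are installed, a VirusTotal API key is in the VT_API_KEY environment variable, and /var/www is the entry point to watch.

```python
import json, os, sys, urllib.error, urllib.request

ENTRY_POINTS = ("/var/www",)  # assumption: the web-root tree the post names as an entry point
VT_FILE_REPORT = "https://www.virustotal.com/api/v3/files/{sha256}"

def order_mountpoints(mps):
    """Order inspect_get_mountpoints() output so parents mount before children (/ before /var)."""
    return sorted(mps.items(), key=lambda kv: len(kv[0]))

def verdict(report):
    """Reduce a VirusTotal v3 /files/{hash} object to engine counts and a flag."""
    stats = report.get("data", {}).get("attributes", {}).get("last_analysis_stats", {})
    bad = stats.get("malicious", 0) + stats.get("suspicious", 0)
    return {"malicious": bad, "total": sum(stats.values()), "flagged": bad > 0}

def lookup_hash(sha256, api_key):
    """Fetch an existing VirusTotal report by hash; None means VirusTotal has never seen it."""
    req = urllib.request.Request(VT_FILE_REPORT.format(sha256=sha256), headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        if err.code == 404:
            return None
        raise

def hash_guest_files(image_path, entry_points=ENTRY_POINTS):
    """Mount a raw/qcow2/vmdk/... image read-only with libguestfs; yield (guest path, sha256)."""
    import guestfs  # python3-libguestfs; imported lazily so the pure helpers run without it
    g = guestfs.GuestFS(python_return_dict=True)
    g.add_drive_opts(image_path, readonly=1)  # evidence is never written to
    g.launch()
    roots = g.inspect_os()
    if not roots: raise SystemExit("no operating system found in image")
    for mp, dev in order_mountpoints(g.inspect_get_mountpoints(roots[0])):
        g.mount_ro(dev, mp)
    for ep in entry_points:
        for rel in (g.find(ep) if g.is_dir(ep) else []):  # find() returns paths relative to ep
            path = ep.rstrip("/") + "/" + rel
            if g.is_file(path):
                yield path, g.checksum("sha256", path)
    g.close()

if __name__ == "__main__":
    for path, digest in hash_guest_files(sys.argv[1]):
        report = lookup_hash(digest, os.environ["VT_API_KEY"])
        print(path, digest, verdict(report) if report else "unknown to VirusTotal")
```

A hash that is unknown to VirusTotal is exactly the case where a tool like Fitz Roy would fall back to uploading the file, which is a decision to make deliberately for a compromised web root that may hold customer data.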