Thread replies: 7
Thread images: 1
Anonymous
2016-05-09 06:55:16 Post No. 54457212
What's the best way to handle a possible security breach through the means of a Meterpreter shell? I did some scanning on my network with Wireshark and discovered unusual interaction between 2 Windows devices on my network and a couple of IP addresses. One of the IP addresses is associated with Shodan, another with SoftLayer VPS services. I took all devices off of the internet and I plan on backing up needed data before wiping both drives. Both IP addresses have been reported on AbuseIPDB for SQL injections, Meterpreter shells, DDoSing, SSH/FTP brute forcing, and more. Besides wiping the drives, what's a good way to find the shell and kill it?