You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yesterday I successfully built the Linux VM but found something on my host that concerns me.
When I rebooted and ran netstat, I found that a couple of w/o servers were contacted. Mostly fastly OSCP servers and domains called Warsaw. infra and graveyard. infra
I ran rk hunter and detected that Permitrootlogin in the ssh config was set to undefined and there was a hidden .java file in /etc/
The Warsaw and graveyard domains ran over the 5000 port range.
Are these domains legit or am I PWN'D
And could it be that some HTTP:// URI in the build.sh script have been Sniffed on?
Would love to hear from you.
Cheers.
The text was updated successfully, but these errors were encountered:
Hey there,
Yesterday I successfully built the Linux VM but found something on my host that concerns me.
When I rebooted and ran netstat, I found that a couple of w/o servers were contacted. Mostly fastly OSCP servers and domains called Warsaw. infra and graveyard. infra
I ran rk hunter and detected that Permitrootlogin in the ssh config was set to undefined and there was a hidden .java file in /etc/
The Warsaw and graveyard domains ran over the 5000 port range.
Are these domains legit or am I PWN'D
And could it be that some HTTP:// URI in the build.sh script have been Sniffed on?
Would love to hear from you.
Cheers.
The text was updated successfully, but these errors were encountered: