Linux Incident Response

A high-priority Linux web server is exhibiting irregular network traffic and unusual process spikes. Forensic telemetry suggests a possible web shell deployment and a persistent malicious service.

Objectives:

• Identify and Research Symptoms.
• Contain the active malicious process.
• Eradicate persistence mechanisms (files).
• Minimal Disruption: Keep production services online.

Notice: The "Mission Debriefing" unlocks automatically upon achieving a 90% validation score.