Rogue Cent OS 7 VM

General support questions
Post Reply
cctsupport
Posts: 1
Joined: 2019/12/02 15:38:05

Rogue Cent OS 7 VM

Post by cctsupport » 2019/12/02 15:40:01

Hi All,

we have discovered a rogue Cent OS 7 VM on our hyperv server.

this has been a VM installed by a breach.

I've gotten as far as resetting the root password and installing a desktop.

Can you please offer some advice on how I can check what this VM was set up to be used for?

thanks.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Rogue Cent OS 7 VM

Post by TrevorH » 2019/12/02 15:50:47

CentOS is a linux distrbution targetted at Enterprises - hence the "ent" in the name. It is a clone of Red Hat Enterprise Linux. As such it can be used for many things and the vast majority of those use would be legal and law abiding. In all likelihood, the VM was probably installed by one of your own employees investigating linux.

What makes you so sure it's a breach?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply