WikiPrint - from Polar Technologies

Needs attention:

Running the malware

Infrastructure security

Revisit the firewall rules on router to prevent leakage channels. Absolute minimum set of services should be allowed from testbed -> users/boss/etc.

Isolation from other experiments

Control net separation

Storage and Leakage

Primary goals are to allow vetted users to access the malware safely and prevent unauthorized users from gaining access.

Leakage of binaries

Some belt-and-suspenders support to prevent leakage is to export NFS shares read-only:

Storage

The archive is 60 GB (in two 30 GB archives). We will receive approximately 1 GB per day in updates. In light of the size, we will store it on scratch.

It will be exported using SMB in a password-protected share.

Policy Issues

Miscellaneous

Updates occur over SSH. We need to provide GA tech with a key.

How will we annotate the experiment file to let the testbed know this needs special treatment (i.e., read-only mounts, copy encryption key/token to box)?