[[TOC]]

'''Needs attention:'''
 * Policy issues need more work

== Running the malware ==

=== Infrastructure security ===

Revisit the firewall rules on the router to prevent leakage channels. Only the absolute minimum set of services should be allowed from testbed -> users/boss/etc.

=== Isolation from other experiments ===

Control net separation

== Storage and Leakage ==

The primary goals are to allow vetted users to access the malware safely and to prevent unauthorized users from gaining access.

=== Leakage of binaries ===

As belt-and-suspenders protection against leakage, export the NFS shares read-only:
 * /proj, /groups, /share, etc.
 * home directories

=== Storage ===

The archive is 60 GB (in two 30 GB archives). We will receive approximately 1 GB per day in updates. In light of the size, we will store it on scratch. It will be exported using SMB in a password-protected share.

== Policy Issues ==

 * Do not copy it off the experiment
 * Do not attempt to run it on a non-malware experiment

== Miscellaneous ==

Updates occur over SSH. We need to provide GA Tech with a key.

How will we annotate the experiment file to let the testbed know this needs special treatment (i.e., read-only mounts, copy encryption key/token to box)?
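
One way to check the read-only export requirement from "Leakage of binaries": an added example, not part of the original notes, that scans an exports file for protected paths still exported read-write. It assumes Linux exports(5) syntax and `/users` as the home-directory root; the sample file and host names are constructed.

```python
import re

# Roots named in the notes; "/users" for home directories is an assumption.
PROTECTED_ROOTS = ("/proj", "/groups", "/share", "/users")
CLIENT_RE = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")

SAMPLE = """\
# constructed sample, not a real testbed configuration
/proj        -ro 10.0.0.0/8
/groups      10.0.0.0/8(ro,sync) boss.example.net(rw,sync)
/share       10.0.0.0/8(ro)
/users/alice 10.0.0.0/8(rw,no_root_squash)
/scratch     10.0.0.0/8(rw)
"""

def is_writable(options, default_writable):
    """Last ro/rw option wins; exports(5) defaults to ro when neither is set."""
    writable = default_writable
    for opt in options:
        if opt in ("ro", "rw"):
            writable = opt == "rw"
    return writable

def writable_exports(exports_text, roots=PROTECTED_ROOTS):
    """Return sorted (path, client) pairs under `roots` exported read-write."""
    findings = set()
    text = exports_text.replace("\\\n", " ")  # join continued lines
    for line in text.splitlines():
        tokens = line.split("#", 1)[0].split()  # drop comments
        if not tokens:
            continue
        path, rest = tokens[0], tokens[1:]
        # Subdirectories count: /proj/x exported rw still leaks from /proj.
        if not any(path == r or path.startswith(r + "/") for r in roots):
            continue
        default_rw = False
        for tok in rest:
            if tok.startswith("-"):  # "-opts" sets defaults for later clients
                default_rw = is_writable(tok[1:].split(","), False)
                continue
            m = CLIENT_RE.match(tok)
            if m is None:
                continue
            options = m.group(2).split(",") if m.group(2) else []
            if is_writable(options, default_rw):
                findings.add((path, m.group(1) or "*"))
    return sorted(findings)

if __name__ == "__main__":
    print(writable_exports(SAMPLE))
```

An empty result means every export under the protected roots is read-only; `/scratch` is ignored because it is not in the protected list.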