A Security Operation Centre of Company ITF(International Trade & Freight) recognised unusual outbound network traffics arising from a Linux server on 12 Oct 2018. The server was a web server with a WordPress enabled; the server operator created a user account with root privileges for investigators and shut down the server after being informed of such traffics. Your job is to investigate the server using basic Linux commands and/or any tools you have, and answer the questions below.
- TIME120 MINUTES
- COST10 CRYSTALS