Frank Barcenas

Asked: 2017-03-04 10:25:09 +0800 CST2017-03-04 10:25:09 +0800 CST 2017-03-04 10:25:09 +0800 CST

How do I remove internet access from a Google Instance?

One of the cloud instances I manage got hacked. It is powered down at the moment, but I want to bring it up disconnected from the internet. So I can examine and analyze it with it continuing to do it's harm.

What do I need to do to make that happen?

1 Answers

Voted

Best Answer

EEAA
2017-03-04T10:46:55+08:002017-03-04T10:46:55+08:00
What do I need to do to make that happen?

Apply firewall rules to it that restrict all traffic, inbound and outbound, except that which is explicitly required for you to gain access to the server.

The best way to dig yourself out is to not start up this server again at all, but rather take an image of its storage volume and mount it on a separate server. Then you can recover data without taking a risk that the malicious code will become active again.
7

How do I remove internet access from a Google Instance?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?