MaGe Linux Operations

Sep 30, 2018 · Information Security

How a New Year UDP Flood Hid a Trojan: A Linux Incident Response Walkthrough

This article recounts a Chinese New Year server breach where massive UDP traffic masked a Trojan on an Oracle‑Tomcat host, detailing the forensic steps to identify the malicious process, restore service with iptables rules, and uncover a weak SSH password as the root cause.