Postmortem (Hypothetical Scenario)
Firewall — Unauthorized user detected on Web Server
Aug 28, 2017 · 3 min read
Issue Summary
On Friday, August 25th — during configuration of the ufw (uncomplicated firewall) on one of the servers (web-02) for the domain — chrisnovelli.online — said firewall (codename — ‘Fahrenheit’) was seemingly breached by an unauthorized user, at approximately 4:51 pm PST. This unauthorized user appeared to have access to the server for the better part of 45 minutes, until 5:36 pm PST

