X hits on this document

127 views

0 shares

0 downloads

0 comments

20 / 47

Orion Incident Response Live CD

1

Figure 12: tsvnc

The ssvnc tool runs on many platforms. It is included in Orion so responders can share other Orion desktops. It can also be installed on other platforms, such as Windows to allow collaboration with people who are not using currently using an Orion system.

Figure 13: Shared VNC session over SSH 6.5.2. Shared File Systems

Orion uses sshfs (FUSE file system support for SSH) to provide an encrypted tunnel for shared file systems between handlers. The home directory of every handler has a mount point for every other handler. In this way, analysis data can be shared, securely, in a real- time fashion between team members. One side note is that sshfs does not accept the path to the private key as a command line argument, so the following line must be added to the /etc/ssh/ssh_config file:

John Jarocki, john.jarocki@gmail.com

Document info
Document views127
Page views128
Page last viewedSun Dec 04 06:48:02 UTC 2016
Pages47
Paragraphs864
Words8806

Comments