Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1587
Views
5
Helpful
2
Replies

Malware/Ransomware Testing...Safe On Separate VLAN?

1timcisco
Level 1
Level 1

‎08-07-2021 12:42 PM - edited ‎08-07-2021 02:14 PM

I have an ESXi server connected to 1 physical interface on my firepower 1010 that has 2 VLANS.

I have my pentest/kali box on one VLAN and a nasty malware infected windows machine one the other VLAN.

I have set the access rules to only let traffic in the malware network but nothing comes out.

Is this setup safe.  I have other interfaces routed to other trusted networks on the firepower 1010 that I don't want to infect at all cost.

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎08-07-2021 02:47 PM

as long it is a separate setup from the production network you are good with, different interface and different zone.

 

make sure after testing, that the device can not connect to another Lan ? without proper investigation or wipe and build new before bringing to Live network.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

johnlloyd_13
Level 9
Level 9

‎08-08-2021 09:13 PM

hi,

is this a live production network?

it's not advisable to do any pen testing in a live network unless there's an explicit permission from your IT management.

it's better and safe to test on an isolated network or in a virtual lab environment.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card