Sounds like you need to take a quick step back and assess your position:
- What malware are you working with? (any details online?)
- What are its specific characteristics?
- How many potential machines?
- Does it phone home in any way?
- What tools/systems do you have in place that can *detect* an infected system?
- What tools do you have that can clean an infected system?

Then design your incident response from there.

On Thu, Sep 2, 2010 at 10:27 AM, Tyler Robinson <[email protected]> wrote:

> Hey everyone, just wondering what kinds of procedures you are using to
> prevent and stop virus outbreaks on your local network after some genius end
> user investigates child porn on local network PCs. Do most of you use
> Microsoft's firewall with GP and just open exceptions for the applications
> that need it, or run another piece of software? I have a massive infection
> that I cannot track down. Our Eset is catching them, but my network is nothing
> but trojan packets. We were not running an internal firewall (previous Admin
> setup) without hardened systems. So do I start hardening systems first and
> then do a GP with Firewall, or does anyone have any better suggestions: first
> to get my network back and clean the infection, second to set up the correct
> way so there is no next time. As always, thanks so much to the PDC community,
> you guys are the best.
> TR
>
> --
> Tyler Robinson
> Owner of Computer Impressions
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
