Re: Conficker - your opion on how to determine the source of infection on a given network



On Thu, Aug 13, 2009 at 1:55 PM, Tiflin, Conrad (ZA - Cape
Town)<ctiflin@xxxxxxxxxxxxxx> wrote:
Quick Question to all.

Anyone else have better ideas to determine the source computer on a network from which conficker originated?


./CT

AntiVirus detection logs. TrendMicro servers at the job provide
historical data so that we may determine infection origins. Then a
forensic analysis of the box tells of how/where the virus was
obtained.

-Guy

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------