Re: Conficker - your opion on how to determine the source of infection on a given network
- From: Guy <full-disclosure@xxxxxxxxxxxxxx>
- Date: Sat, 15 Aug 2009 10:24:03 -0400
On Thu, Aug 13, 2009 at 1:55 PM, Tiflin, Conrad (ZA - Cape
Town)<ctiflin@xxxxxxxxxxxxxx> wrote:
Quick Question to all.
Anyone else have better ideas to determine the source computer on a network from which conficker originated?
./CT
AntiVirus detection logs. TrendMicro servers at the job provide
historical data so that we may determine infection origins. Then a
forensic analysis of the box tells of how/where the virus was
obtained.
-Guy
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- References:
- Re: Conficker - your opion on how to determine the source of infection on a given network
- From: Tiflin, Conrad (ZA - Cape Town)
- Re: Conficker - your opion on how to determine the source of infection on a given network
- Prev by Date: Re: To go to University - For the CISSP etc. - Good idea/Bad idea???
- Next by Date: Re: Conficker - your opion on how to determine the source of infection on a given network
- Previous by thread: Re: Conficker - your opion on how to determine the source of infection on a given network
- Next by thread: Re: Conficker - your opion on how to determine the source of infection on a given network
- Index(es):
Relevant Pages
|
