Security Incidents: Re: IE Malware / Spyware Control Methods

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: IE Malware / Spyware Control Methods

From: Valdis.Kletnieks () vt edu
Date: Fri, 07 Jan 2005 21:43:49 -0500

On Fri, 07 Jan 2005 13:20:48 EST, Gary Baribault said:

The next solution or in combination with the first is to create Ghost
images and just ghost people's machines when their beyond repair.


The problem here is that you need to know that you have a "good" image.
Restoring a machine with a 2-day old image that was taken the day after
the malware got *on* the machine just means that you're probably looking
at another failure 2 days from now.  Also, if you have user data on the
machine, you need to remember to back that up via other means - if you're
imaging the machine once every week for restores, your user may lose up
to 6 days of work if you don't have other backups in place (imaging it
every night is probably a bad idea, due to the high risk of ghosting an
already corrupted system...)

Attachment: _bin
Description:

By Date By Thread

Current thread:

IE Malware / Spyware Control Methods Illuminatus Master (Jan 07)
- Re: IE Malware / Spyware Control Methods Gary Baribault (Jan 07)
  - Re: IE Malware / Spyware Control Methods harley mcdonald (Jan 07)
  - RE: IE Malware / Spyware Control Methods George M. Garner Jr. (Jan 07)
  - Re: IE Malware / Spyware Control Methods Valdis . Kletnieks (Jan 10)
- Re: IE Malware / Spyware Control Methods Chris Krough (Jan 07)
- Re: IE Malware / Spyware Control Methods Harlan Carvey (Jan 07)
  - Re: IE Malware / Spyware Control Methods Valdis . Kletnieks (Jan 10)
- Re: IE Malware / Spyware Control Methods Paul Laudanski (Jan 10)
- <Possible follow-ups>
- RE: IE Malware / Spyware Control Methods Paris E. Stone (Jan 07)