Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Re: LAN Virus outbreak Procedures
From: "Butturini, Russell" <Russell.Butturini () Healthways com>
Date: Thu, 2 Sep 2010 13:07:56 -0500

I've had much success with VLANing the affected systems off from the rest of the network and deploying some kind of 
local "cleanup" machine that's hardened to work on the remediation process.

From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of Tyler 
Robinson
Sent: Thursday, September 02, 2010 10:28 AM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] LAN Virus outbreak Procedures

Hey everyone just wondering what kinds of procedures you are using to prevent and stop virus outbreaks on your local 
network after some genius end user investigates child porn on local network PCs. Do most of you use microsofts firewall 
with GP and just open exceptions for the applicatoins that need it or run another piece of software. I have a massive 
infection that i cannot track down our Eset is catching them but my network is nothing but trojan packets we were not 
running an internal firewall (previous Admin setup) without hardend systems, So do i start hardening systems first and 
then do a GP with Firewall or does anyone have any better suggestions first to get my network back and clean the 
infection second to setup the correct way so there is no next time..As always thanks so much to the PDC community you 
guys are the best.
TR

--
Tyler Robinson
Owner of Computer Impressions

******************************************************************************
This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than 
the named recipient of this email, 
and is to be used only for the intended purpose of this communication.
******************************************************************************
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault