[Pauldotcom] LAN Virus outbreak Procedures

Butturini, Russell Russell.Butturini at Healthways.com
Thu Sep 2 18:07:56 UTC 2010


I've had much success with VLANing the affected systems off from the rest of the network and deploying some kind of local "cleanup" machine that's hardened to work on the remediation process.

From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Tyler Robinson
Sent: Thursday, September 02, 2010 10:28 AM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] LAN Virus outbreak Procedures

Hey everyone, just wondering what kinds of procedures you are using to prevent and stop virus outbreaks on your local network after some genius end user investigates child porn on local network PCs. Do most of you use Microsoft's firewall with GP and just open exceptions for the applications that need it, or run another piece of software? I have a massive infection that I cannot track down. Our Eset is catching them, but my network is nothing but trojan packets. We were not running an internal firewall (previous Admin setup) without hardened systems. So do I start hardening systems first and then do a GP with Firewall, or does anyone have any better suggestions, first to get my network back and clean the infection, second to set up the correct way so there is no next time? As always, thanks so much to the PDC community, you guys are the best.
TR

--
Tyler Robinson
Owner of Computer Impressions
