Educause Security Discussion mailing list archives
Re: Malware forensics
From: "Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU>
Date: Fri, 18 Nov 2011 22:17:34 -0500
Dave:

Not really answering your questions but one thing I just stumbled on here is that our asset management group had all kinds of hardware, switches, etc. that we can get for free and these items make excellent lab resources. We stick all kinds of stuff on them and can attack them, analyze them, etc. Asset management was more than willing to provide infosec with the equipment for us to play with. Most of the stuff we found to use was surprisingly "new".

-Kevin

Kevin L. McLaughlin
AVP, Information Security & Special Projects
University of Cincinnati

On Nov 18, 2011, at 1:18 PM, "Nevin, David" <Dave.Nevin () OREGONSTATE EDU> wrote:

We're currently reevaluating how we perform Malware forensics here and wanted to see what others were doing.

Are you doing it in-house or outsourcing?

If in-house, do you have dedicated staff for this, or is this task distributed? How do you keep people current—do you have a preferred vendor for training?

If you outsource, do you use a major vendor such as one of the big consulting firms, or do you prefer a local specialist? How has this worked for you?

Or have you implemented a blended solution, where certain cases are handled in-house and others referred to a vendor?

Thanks all, and happy Friday,

Dave

--
Dave Nevin, IT Manager
Technology Support Services/Information Services
Oregon State University
Corvallis, OR