Educause Security Discussion mailing list archives

Re: Win2003 Server, IPSEC & HackerDefender

From: "Weeks, Calvin W." <cweeks () OU EDU>
Date: Tue, 10 Aug 2004 11:40:41 -0500

I would agree. Wipe the drive and start all over and change all passwords associated with the infected machine(s). This 
has been the only way that we have been able to remove H.D. Rootkit.
For the IPSEC configurations we use the NSA guides and if sample configurations are needed please, request to me at 
cweeks () ou edu. We have samples for most services.



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Calvin Weeks, (CISSP), CISM, EnCE
~Director, OU Cyber Forensics Lab
~University of Oklahoma
~http://security.ou.edu


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv 
**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Win2003 Server, IPSEC & HackerDefender Michael G Carr (Aug 10)
- <Possible follow-ups>
- Re: Win2003 Server, IPSEC & HackerDefender Brian Eckman (Aug 10)
- Re: Win2003 Server, IPSEC & HackerDefender Steve Schuster (Aug 10)
- Re: Win2003 Server, IPSEC & HackerDefender Weeks, Calvin W. (Aug 10)
- Re: Win2003 Server, IPSEC & HackerDefender Danny Lee (Aug 10)
- Re: Win2003 Server, IPSEC & HackerDefender Berbeco, Robert W (Aug 10)