Educause Security Discussion mailing list archives

Re: Malware forensics


From: "Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU>
Date: Fri, 18 Nov 2011 22:17:34 -0500

Dave:
Not really answering your questions but one thing I just stumbled on here is that our asset management group had all 
kinds of hardware, switches, etc. that we can get for free and these items make excellent lab resources. We stick all 
kinds of stuff on them and can attack them, analyze them, etc. Asset management was more than willing to provide 
infosec with the equipment for us to play with. Most of the stuff we found to use was surprisingly "new".

-Kevin

Kevin L. McLaughlin
AVP, Information Security & Special Projects
University of Cincinnati


On Nov 18, 2011, at 1:18 PM, "Nevin, David" <Dave.Nevin () OREGONSTATE EDU> wrote:

We're currently reevaluating how we perform Malware forensics here and wanted to see what others were doing. Are you 
doing it in-house or outsourcing? 

If in-house, do you have dedicated staff for this, or is this task distributed? How do you keep people current—do 
you have a preferred vendor for training?

If you outsource, do you use a major vendor such as one of the big consulting firms, or do you prefer a local 
specialist? How has this worked for you? 

Or have you implemented a blended solution, where certain cases are handled in-house and others referred to a vendor? 

Thanks all, and happy Friday,

Dave

--
Dave Nevin, IT Manager
Technology Support Services/Information Services
Oregon State University
Corvallis, OR


