Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IE Malware / Spyware Control Methods

From: Valdis.Kletnieks () vt edu
Date: Fri, 07 Jan 2005 21:43:49 -0500
On Fri, 07 Jan 2005 13:20:48 EST, Gary Baribault said:


The next solution or in combination with the first is to create Ghost
images and just ghost people's machines when their beyond repair.


The problem here is that you need to know that you have a "good" image.
Restoring a machine with a 2-day old image that was taken the day after
the malware got *on* the machine just means that you're probably looking
at another failure 2 days from now.  Also, if you have user data on the
machine, you need to remember to back that up via other means - if you're
imaging the machine once every week for restores, your user may lose up
to 6 days of work if you don't have other backups in place (imaging it
every night is probably a bad idea, due to the high risk of ghosting an
already corrupted system...)

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: