Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Conficker - your opion on how to determine the source of infection on a given network

From: Guy <full-disclosure () nullamatix com>
Date: Sat, 15 Aug 2009 10:24:03 -0400
On Thu, Aug 13, 2009 at 1:55 PM, Tiflin, Conrad (ZA - Cape
Town)<ctiflin () deloitte co za> wrote:

Quick Question to all.

Anyone else have better ideas to determine the source computer on a network from which conficker originated?


./CT


AntiVirus detection logs. TrendMicro servers at the job provide
historical data so that we may determine infection origins. Then a
forensic analysis of the box tells of how/where the virus was
obtained.

-Guy

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: