Malware:ITX8042:2014:LAB5

Allikas: Kursused
Redaktsioon seisuga 8. oktoober 2014, kell 15:35 kasutajalt Toomas (arutelu | kaastöö) (Uus lehekülg: '== LAB5 == ===Additional Reading + presentations!=== [ Presentation1] ===Assignment=== ==== Write an incident report.==== Intsident report template [http://lambda.ee/w/ima...')
(erin) ←Vanem redaktsioon | Viimane redaktsiooni (erin) | Uuem redaktsioon→ (erin)
Mine navigeerimisribale Mine otsikasti

LAB5

Additional Reading + presentations!

[ Presentation1]


Assignment

Write an incident report.

Intsident report template Turvaintsidendi_raporti_vorm_eng.doc OR use any other suitable template (Provide te orgin for template)


Baseline for incidnet reporting

  • 4 different computers are infected with malware you found in lab 3

(you can choose which computer is infected with witch malware.)

  • computers are located in different network segments
  • Company uses 2 different antivirus products Macafee and Kasperski (brought with computers)
  • Company network layout
  • Network consist clients with OS windows xp sp3 , windows 8 , windows 7.


Timeline

  • 6.oct.2014 17:00 User Juhan Karu notice that his computer with win xp behaved in unusual way before shuting down machine.
  • 7.oct.2014 15:30 User Malle Maasikas mentioned to passing administrator that antivirus warned here about website she visited with here Win 7 machine.
  • you should describe future time line as you imagine it.
Pärit leheküljelt "http://courses.cs.taltech.ee/w/index.php?title=Malware:ITX8042:2014:LAB5&oldid=769"