Security Basics mailing list archives
Re: Analyzing Suspicious Attachment
From: "Ali, Saqib" <docbook.xml () gmail com>
Date: Thu, 17 Jan 2008 09:53:02 -0800
Outside of the obvious policy and training issues, what is the best way to determine what if any damage has been done to the network? What tools do I need to analysis the attachment to see what it is and how it works?
i would backup just the "data" files from the computers, re-image the machine, and then restore the data files. you can never fully determine the extent of the damage, so it is better to re-image the machine..... saqib http://www.quantumcrypto.de/dante/
Current thread:
- RE: Remote desktop access policy, (continued)
- RE: Remote desktop access policy Petter Bruland (Jan 18)
- AW: Remote desktop access policy Johannes Lemmerer (Jan 18)
- Re: Remote desktop access policy Josh Haft (Jan 18)
- Re: Remote desktop access policy The Security Community (Jan 18)
- Re: Remote desktop access policy Kurt Buff (Jan 19)
- Re: Remote desktop access policy WALI (Jan 21)
- Re: Remote desktop access policy Kurt Buff (Jan 21)
- Re: Remote desktop access policy Gleb Paharenko (Jan 18)
- Re: Remote desktop access policy Kurt Buff (Jan 19)
- Re: Analyzing Suspicious Attachment brian . bevers (Jan 17)
- RE: Analyzing Suspicious Attachment Richard Golodner (Jan 18)
- Re: Analyzing Suspicious Attachment Josh Haft (Jan 18)
- RE: Analyzing Suspicious Attachment Petter Bruland (Jan 18)
- Re: Analyzing Suspicious Attachment Lee Hinman (Jan 18)