Penetration Testing mailing list archives
Re: Conficker - your opion on how to determine the source of infection on a given network
From: Guy <full-disclosure () nullamatix com>
Date: Sat, 15 Aug 2009 10:24:03 -0400
On Thu, Aug 13, 2009 at 1:55 PM, Tiflin, Conrad (ZA - Cape Town)<ctiflin () deloitte co za> wrote:
Quick Question to all. Anyone else have better ideas to determine the source computer on a network from which conficker originated? ./CT
AntiVirus detection logs. TrendMicro servers at the job provide historical data so that we may determine infection origins. Then a forensic analysis of the box tells of how/where the virus was obtained. -Guy ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Conficker - your opion on how to determine the source of infection on a given network Tiflin, Conrad (ZA - Cape Town) (Aug 15)
- Re: Conficker - your opion on how to determine the source of infection on a given network Guy (Aug 15)
- Message not available
- Re: Conficker - your opion on how to determine the source of infection on a given network Fabien Vincent (Aug 15)
- Re: Conficker - your opion on how to determine the source of infection on a given network Juan Luis Susillo (Aug 16)
- Re: Conficker - your opion on how to determine the source of infection on a given network 51l3n73y3s (Aug 16)
- Message not available
- Re: Conficker - your opion on how to determine the source of infection on a given network 51l3n73y3s (Aug 17)
- Re: Conficker - your opion on how to determine the source of infection on a given network Fabien Vincent (Aug 15)
- [Suspected Spam]RE: Conficker - your opion on how to determine the source of infection on a given network Adrián Auguet (Aug 17)
- [Tools update] The Security-Database Watch Newsletter -- v20090815 SD List (Aug 16)
- RE: Conficker - your opion on how to determine the source of infection on a given network Banks, Jason (R.J.) (Aug 27)