By: Didier Stevens

Didier Stevens — Wed, 16 Aug 2006 20:06:22 +0000

This is what I do at home, and it didn’t happen over one night, but it evolved over many years.
I’ve worked at companies that are even better prepared than that! But of course, I’ve seen worse also

By: LonerVamp

LonerVamp — Mon, 14 Aug 2006 14:24:26 +0000

Just a few things. I like your post, and it illustrates that gone are the times when you can have a ‘push-button’ admin or even desktop guy. They need to be able to at least read through technical information on malware in order to determine the impact and ‘cleanability.’ I don’t 100% trust my antivirus vendors, which is why I tend to read briefs from as many as I can, and I try to verify the malware variant myself through multiple fingerprints, if you will.

I don’t think many people will argue with your “prepared” list, but is that just your system(s) at home, or is your entire company prepared in that way? If so, I’d be mad impressed, and kudos to you! But therein lies the challenge for us admin types…we know what we need to do (let’s assume we do and there aren’t morons out there, for a minute) but that costs time, effort, user productivity, and in same indirect ways, happiness. That’s a tough hill to climb to achieve agility, recoverability, and security like those steps you describe above.

Well…at least it will keep us with jobs for a long time to come, no?

Nice post though, I enjoy this stuff a lot!

LonerVamp (new visitor)

Comments on: Cleaning up after an infection, and then?

By: Didier Stevens

By: LonerVamp