Powered by Bitpipe CIO Research Library

 RESEARCH LIBRARY HOME   WHITE PAPERS   PRODUCTS   MULTIMEDIA 
SEARCH the Research Library: HELP   |  WHAT'S POPULAR
CSI for the CISO
sponsored by Information Security Magazine
Posted:  06 Sep 2007
Published:  01 Sep 2007
Format:  HTML
Length:  10   Page(s)
Type:  Journal Article
Language:  English


ABSTRACT:
From all indications, something bad had happened. After installing an intrusion prevention system, the security team at UW Medicine spotted several machines trying to communicate with an IRC botnet server in France. Cindy Jenkins, a security engineer and computer forensics expert at the medical and research organization, immediately went on a hunt for clues behind the suspicious activity.

Hours spent combing through images of the hard drives from the infected PCs turned up the attackers' tools: an IRC bot, a rootkit and an FTP server. Passive network scanning detected more compromised systems. To save time, Jenkins made hash sets--digital fingerprints--of the malware so she could look just for the hash sets when inspecting additional images. She determined the machines were infected 18 to 24 months earlier--before the IPS and other security measures were installed.


Author

Marcia Savage
Features Editor ,  Information Security



BROWSE RELATED RESOURCES
Computer Forensics | Cybersecurity | Hackers | Industrial Espionage | Internal Threats | Intrusion Detection

View All Resources sponsored by Information Security Magazine

Library Home |  White Papers |  Products |  Multimedia |  Partner with Us
 
Bitpipe Definitions: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other
What's Popular at Bitpipe? Daily Top 50 Reports | Daily Top 100 Topics | Popular Report Topics | Popular Product Topics
CIO Research Library Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy.
webmaster@techtarget.com