Containing an Outbreak: How to Clean Your Network After an Incident
It's not the sort of statement want to hear in regards to network. Whether a network admin plans a containment strategy or an executive assessing the damage done, one knows that such situations cost time and money to resolve. Determining where to start can be equally as frustrating, especially when eradicating a threat can sometimes feel like a carnival game of Whack-A-Mole. Not all threats behave the same and some even update themselves, changing their behavior partway through a disinfection procedure. To make matters more complicated, may hear references to "Viruses" or "Worms" and these will be used interchangeably with "Threats" The purpose of this paper is to describe the principles behind these best practices with as little technical and Internet Security industry terminology as possible.