I Got Hacked! Now What Do I Do?

Great article by Jesper Johansson at http://technet.microsoft.com/en-us/library/cc512587.aspx

Here are the key take home messages:

  • You can’t clean a compromised system by patching it.
  • You can’t clean a compromised system by removing the back doors
  • You can’t clean a compromised system by using some “vulnerability remover.”
  • You can’t clean a compromised system by using a virus scanner
  • You can’t clean a compromised system by reinstalling the operating system over the existing installation
  • You can’t trust any data copied from a compromised system
  • You can’t trust the event logs on a compromised system
  • You may not be able to trust your latest backup
  • The only way to clean a compromised system is to flatten and rebuild

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com

PROWESS CONSULTING documentation | integration | virtualization
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top