Security Park, the leading online news site for security professionals
Home | About us | Contact us | Submit an article | Advertise | Sales leads | Newsletter | RSS Newsfeed | SEARCH
Security Resources
Security News Security companies Jobs forum Knowledge base White papers Research library Security books Special reports Security links Security events Classifieds Directory GET LISTED!

Product News
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products

Security Markets
Bank and financial services security Buildings and office security Education and school security Entertainment and events security Homeland and Government security Hospital and healthcare security Infrastructure and utilities security Manufacturing and industrial security Public sector security Residential and home security Retail security SME security Sports and recreational security Transport and logistics security


Develop an ISO 27001-compliant Information Security Management System
This useful guide clarifies the steps you have to follow to develop an ISO 27001-compliant ISMS. Each step is integral in how secure your information security system is.

Need a
reference book?
Find it on Amazon:
Security books and magazines in association with Amazon.co.uk







advertise
sumbit an article
copyright
terms & conditions
privacy policy
CMS and Web design by www.Areza.com


SecurityPark Research Library

Help | Advanced Search
 What's New?
What's Popular?
CSI for the CISO
sponsored by Information Security Magazine
Posted:  06 Sep 2007
Published:  01 Sep 2007
Format:  HTML
Length:  10  Page(s)
Type:  Journal Article
Language:  English

Get this Document
E-mail this to a colleague!
ABSTRACT:

From all indications, something bad had happened. After installing an intrusion prevention system, the security team at UW Medicine spotted several machines trying to communicate with an IRC botnet server in France. Cindy Jenkins, a security engineer and computer forensics expert at the medical and research organization, immediately went on a hunt for clues behind the suspicious activity.

Hours spent combing through images of the hard drives from the infected PCs turned up the attackers' tools: an IRC bot, a rootkit and an FTP server. Passive network scanning detected more compromised systems. To save time, Jenkins made hash sets--digital fingerprints--of the malware so she could look just for the hash sets when inspecting additional images. She determined the machines were infected 18 to 24 months earlier--before the IPS and other security measures were installed.
Get this now!
AUTHOR: 

Marcia Savage
Features Editor, Information Security


BROWSE RELATED RESOURCES:

Computer Forensics | Cybersecurity | Hackers | Industrial Espionage | Internal Threats | Intrusion Detection
View All Resources sponsored by Information Security Magazine

Library Home | Advertise with Us | Product Library
A Service of Bitpipe

SecurityPark Research Library Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy.
webmaster@bitpipe.com