Priten Patel
Research methods how to secure the system
Prevent Compromising the machine by writing data to it / altering data
- Steps to take & Document
Jack Hall
Research on isolating virtual machines from the physical machine.
Instead of remote logging, need to create a log sheet to show the decision making with the analysis
Detail all applications installed
Explain how to Improve the security in order to prevent the malware infection in the first place
Abdul Rauf
Document Different methods of bit to bit cloning
Detail service packs
Did not attend
Kirran Aldridge
Detailed operating systems used
Detailed BIOS settings
Legal Aspects
Did not attend
Hisham Qureshi
- Removed due to work being completely unrelated to the task required as well as obvious plagiarism.
Move onto the tasks outlined below.
Did not attend
Everyone
--------------------------------------------------------------
Produce multiple copies of the machine using bit to bit cloning
Jack
Priten
--------------------------------------------------------------
Find the infected files
Jack
--------------------------------------------------------------
Explain the purpose / payload of the malware
Jack
--------------------------------------------------------------
Detail any adverse effects
Jack
--------------------------------------------------------------
Detail the type found malware on the machine
Jack
--------------------------------------------------------------
Critically evaluate own methods used
--------------------------------------------------------------
Explain tools and techniques
Jack
--------------------------------------------------------------
Links:
Sandbox: http://www.shadowdefender.com/
Forensic Software Write-Blocker: http://www.forensicsoft.com/safeblock.php
Forensic Log: http://1drv.ms/Ndfeiz
Memory Capture: http://forensic.belkasoft.com/en/ram/download.asp
No comments:
Post a Comment
Note: only a member of this blog may post a comment.