Friday 4 April 2014

Project 4, Session 17

As part of the risk analysis, we need a contingency plan. Worst case scenario, you're host PC Could be infected. Perform a bit-to-bit backup of your computer before you start working with the images. You can then restore the PC shoulderstand it become infected.

Priten Patel
Research methods how to secure the system
Prevent Compromising the machine by writing data to it / old ring data
- Steps to take & Document
Explain how to remove the malware infection

Jack Hall
Research on isolating virtual machines from the physical machine.
Instead of remote logging, need to create a log sheet to show the decision making with the analysis
Detail all applications installed
Explain how to Improve the security in order to preventDefault the malware infection in the first place
Compiled report
Compiled Presentation

Abdul Rauf
Document Different methods of bit to bit cloning
Detail service packs

Kirran Aldridge
Detailed operating systems used-Not received by set time, told kirran to include in individual upload
Detailed BIOS settings - Not received by set time , told kirran to include in individual upload
Legal Aspects

Hisham Qureshi
Legal Aspects - Notified of task change via text 
- Removed due to work being completely Call Call unrelated to the task required as well as Obvious plagiarism.
Move the ontological tasks outlined below.
Did not attend

Everyone
-------------------------------------------------- ------------
Produce multiple copies of the machine using bit to bit cloning
Jack
Priten
Abdul
-------------------------------------------------- ------------
Find the infected files
Jack
Priten
Abdul
-------------------------------------------------- ------------
Explain the purpose / payload of the malware
Jack
Priten
Abdul
-------------------------------------------------- ------------
Detail any adverse effects
Jack
Abdul
-------------------------------------------------- ------------
Detail the type found malware on the machine
Jack
Priten
Abdul
-------------------------------------------------- ------------
Critically evaluate own methods used
Jack
Priten
Abdul
-------------------------------------------------- ------------
Explain tools and techniques
Jack
Priten
Abdul
-------------------------------------------------- ------------

Links:

Sandbox: http://www.shadowdefender.com/

Forensic software write-blockers: http://www.forensicsoft.com/safeblock.php

Forensic Log: http://1drv.ms/Ndfeiz

Memory Capture:        http://forensic.belkasoft.com/en/ram/download.asp
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)