Formatting and reinstalling after a security incident

Thursday, 8 May 2003, 11:47 AM EST

Missing files, corrupt data, sluggish performance, programs not working - any of these things could indicate a breach in network security. Once the breach has been identified and mitigated, the painful process of rebuilding and recovery begins. There is a point you reach in the recovery process, after you have done a little digging, put a finger on what might have gone wrong, where you come to the proverbial "fork in the road". Every security professional or systems administrator has faced the decision at some point in his or her career: is it better to try to repair the damage, or just reinstall the system and start from scratch?

This IT dilemma will plague us all at some point. In this article, we will examine the process of starting over, and more specifically, reinstalling as the result of a security incident. We will focus on the steps necessary to prevent a repeat intrusion, get your system back online and ensure a rapid response in the future should this happen again. Needless to say, these steps should be planned in advance of any security incident and should be included in the organization's incident response policy.

[ Read more ]


Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Nov 25th