Lessons learned from virus infections
This article does not intend for security administrators to intentionally infect machines; instead it is a guide to what an unintended infection can uncover about a network. With security companies such as Symantec reporting that 40% of Fortune 100 companies have been infected with viruses over a period of six months, it is well worth the exercise to see what can be learned from these infections. Specifically, after an infection is a time to evaluate the technical pieces of the defense perimeter (including firewalls, ACLs, etc.) and the non-technical pieces (continuity plans, emergency response, etc.).
By Jason Gordon at SecurityFocus.
[ Read more ]