​

​

Lab 5

​

​

08.10.2014

Plan for today

​

Intro to lab 5

​

​

Lab 5

Actually extension for lab 3

​

Write an incident report.

Report template

​

http://lambda.ee/w/images/1/1c/Turvaintsidendi_raporti_vorm_eng.doc

​

​

Timeline

​

• 6.oct.2014 17:00 User Juhan Karu notices that his computer with win xp behaved in unusual way before shutting down machine.
• 7.oct.2014 15:30 User Malle Maasikas mentioned to passing administrator that antivirus warned her about website she visited with her Win 7 machine.
• you should describe future time line as you imagine it.

​

​

​

Network

Other things to consider

• 4 different computers are infected with malware you found in lab 3
• (you can choose which computer is infected with witch malware.)
• computers are located in different network segments
• Company uses 2 different antivirus products Mcafee and Kaspersky (brought with computers)
• Network consist clients with OS windows xp sp3 , windows 8 , windows 7.

Most important thing

RECOMENDATIONS !!!!

Due date

22 October 2014.