Moch Zainuddin Qomari 13.2.2.13 Lab - Incident Handling.pdf...


Lab - Incident Handling

Scenario 1: Worm and Distributed Denial of Service (DDoS) Agent Infestation

Preparation

I will scan all types of malware and scan the IP address to ensure that other PCs are clean, prepare trusted anti-virus, document every change, and I will also do a lot of research on current worms to learn how it works etc.

Detection And Analysis

My first step for detection and analysis is to run anti-virus to detect viruses and check all the software whether it has been updated. After that, I will scan the IP address to find the next target. Adjacent IP addresses can be a good place to detect if a host is infected with a worm. In general, every legitimate program runs in a certain location on the network. Worms, on the other hand, need to find a target. If we monitor the number of IP addresses scanned by the host, and if it exceeds a certain limit, we can safely assume that the worm has been detected.
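The limit check described under Detection And Analysis, written out as an added example that is not part of the original lab answer: it counts the distinct destination addresses each host contacts inside a sliding time window and flags hosts that exceed a limit. The window length, the limit, the function names and the flow records are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60   # assumed observation window
FANOUT_LIMIT = 20     # assumed limit of distinct destinations per window


def find_scanners(flows, window=WINDOW_SECONDS, limit=FANOUT_LIMIT):
    """Return {src_ip: peak distinct-destination count} for hosts over the limit.

    flows: iterable of (epoch_seconds, src_ip, dst_ip) tuples, sorted by time.
    """
    recent = defaultdict(deque)                      # src -> (ts, dst) still in window
    counts = defaultdict(lambda: defaultdict(int))   # src -> dst -> hits in window
    flagged = {}
    for ts, src, dst in flows:
        queue, seen = recent[src], counts[src]
        queue.append((ts, dst))
        seen[dst] += 1
        # Expire records that have fallen out of the sliding window.
        while queue and queue[0][0] <= ts - window:
            _, old_dst = queue.popleft()
            seen[old_dst] -= 1
            if seen[old_dst] == 0:
                del seen[old_dst]
        # Repeated traffic to the same server does not raise the count;
        # only new destinations do.
        if len(seen) > limit:
            flagged[src] = max(flagged.get(src, 0), len(seen))
    return flagged


def sample_flows():
    """Constructed sample data, one flow per second per host:
    10.0.0.5 alternates between two servers (normal client behaviour),
    10.0.0.9 sweeps 192.0.2.1 through 192.0.2.40 (worm-like target search).
    """
    flows = [(1000 + i, "10.0.0.5", "10.0.0.2" if i % 2 else "10.0.0.3")
             for i in range(40)]
    flows += [(1000 + i, "10.0.0.9", f"192.0.2.{i + 1}") for i in range(40)]
    return sorted(flows)


if __name__ == "__main__":
    for host, peak in find_scanners(sample_flows()).items():
        print(f"{host} contacted {peak} distinct addresses within {WINDOW_SECONDS}s")
```

The limit has to be tuned against a baseline of normal traffic: a window that is too short for the scan rate misses a slow sweep, and hosts such as DNS resolvers or vulnerability scanners legitimately contact many addresses.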


Term: Spring
Professor: N/A
Tags: IP address, Detection and Analysis
