[41507] in Resnet-Forum
Malware Live CD removal anyone?
daemon@ATHENA.MIT.EDU (Mike King)
Thu Jan 12 14:57:27 2017
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=001a113cbc0c7a1d890545e85158
Message-ID: <CANtPpk586wLZmSmLiu0zB+NnHFr7qJuQi4xTroSMyFAoaiRdMg@mail.gmail.com>
Date: Thu, 12 Jan 2017 11:36:24 -0500
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: Mike King <me@MPKING.COM>
To: RESNET-L@listserv.nd.edu
--001a113cbc0c7a1d890545e85158
Content-Type: text/plain; charset=UTF-8
So we've just had something happen that hasn't happen in a long time.
We had a lab image have a virus on it, and a very large lab was deployed
with the image.
Of course, the lab has alot of custom software that was not scripted, but
hand installed, so the usual answer of Nuke it and rebuild is going to be
extrememly painful.
We haven't tried to clean boxes in along time, what's is everyone's
favorite tool set?
(I don't have the exact virus right now)
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
--001a113cbc0c7a1d890545e85158
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">So we've just had something happen that hasn't hap=
pen in a long time.<div><br></div><div>We had a lab image have a virus on i=
t, and a very large lab was deployed with the image. =C2=A0</div><div><br><=
/div><div>Of course, the lab has alot of custom software that was not scrip=
ted, but hand installed, so the usual answer of Nuke it and rebuild is goin=
g to be extrememly painful.</div><div><br></div><div>We haven't tried t=
o clean boxes in along time, what's is everyone's favorite tool set=
?</div><div><br>(I don't have the exact virus right now)</div></div>
___________________________________________________
You are subscribed to the ResNet-L mailing list.
<p>
To subscribe, unsubscribe or search the archives,
go to <a href=3D"http://LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_blank">http://LISTSERV.ND.EDU/archives/resnet-l.html</a>
___________________________________________________
--001a113cbc0c7a1d890545e85158--
