Presentation is loading. Please wait.

Presentation is loading. Please wait.

Day 4-1-5 Wipe, Recover, Replace, Archives Remote fallback 4-1-5.wipe, recover, replace 1.

Published byGeoffrey Gilmore Modified over 9 years ago

Similar presentations

Presentation on theme: "Day 4-1-5 Wipe, Recover, Replace, Archives Remote fallback 4-1-5.wipe, recover, replace 1."— Presentation transcript:

1 Day 4-1-5 Wipe, Recover, Replace, Archives Remote fallback 4-1-5.wipe, recover, replace 1

2 action plan to recover minimalize the impact of incident - recover in proper manner - not to be compromised again - quickly 4-1-5.wipe, recover, replace 2

3 compromised system any file on the system is suspicious - you may be able to remove a malware - there could be another malware that you could not detect 4-1-5.wipe, recover, replace 3

4 wipe don’t use files in the compromised system - programs, documents, images clean up the storage in the system - HDD, SSD, flash memory 4-1-5.wipe, recover, replace 4

5 wipe to give away data is still there even if formatted - you can read it by special tools - an electric microscope can read more - causes leakage of secret data you need to make sure data erased # dd if=/dev/urandom of=/dev/ bs=16M 4-1-5.wipe, recover, replace 5 off-topic though

6 recover ‘clean install’ from a scratch - format the disk, use a proper OS image apply OS patches to be up-to-date - it could be vulnerable before patched - update on secure network, behind NAT install needed applications - check upgrades, of course 4-1-5.wipe, recover, replace 6

7 recover(cont.) disable unnecessary services - the same as hardening procedure check configurations - if any weakness change all password on the system - any password might be stolen 4-1-5.wipe, recover, replace 7

8 replace you may replace the compromised system - spare server - spare client may want to secure the compromised system for further investigation 4-1-5.wipe, recover, replace 8

9 replace(cont.) hardening the system - update everything - disable unnecessary services check configurations - if any weakness change all password on the system - any password might be stolen 4-1-5.wipe, recover, replace 9

10 plan of archives generations of backups - configurations - data files - source codes 4-1-5.archives and remote fallback 10

11 generations you have a ‘good’ version of backup there - if a system is compromised, malware might be also backup in the archive, you won’t want to restore that though - if something goes wrong by change, you may restore the previous version find a ‘good’ version from your archives 4-1-5.archives and remote fallback 11

12 off-site Archives 2011 Tohoku earthquake and tsunami - flushed buildings, data centers - 4 local governments lost whole data on the family registration system They have off-site backups - took about 1 month to recover though - wanted to make sure nothing is missed 4-1-5.archives and remote fallback 12

13 plan of remote fallback difficulties to recover locally - no hardware available - long-term power outage - fire, disaster you can restart your service, if resources available somewhere - flexible 4-1-5.archives and remote fallback 13

14 points to consider DNS protection - the same (or similar) level of protection - update ACLs, keys if needed service relationship - check other systems if they need to update ACLs on their side 4-1-5.archives and remote fallback 14

Download ppt "Day 4-1-5 Wipe, Recover, Replace, Archives Remote fallback 4-1-5.wipe, recover, replace 1."

Similar presentations

Security Update Server Registration, Active scanning and Windows patching.

Security Update Server Registration, Active scanning and Windows patching.
Copyright 2006 Mid-City Offices Systems. Busy people… How would your business be affected, if you suddenly lost all of your computer data? Rush through.

Copyright 2006 Mid-City Offices Systems. Busy people… How would your business be affected, if you suddenly lost all of your computer data? Rush through.
True Business-Class Remote Online Backup 44% Of All Computer Users Have Reported At Least One Permanent Data Loss Your Business Data IS Your Business –

True Business-Class Remote Online Backup 44% Of All Computer Users Have Reported At Least One Permanent Data Loss Your Business Data IS Your Business –
How to Ensure Your Business Survives, Even if Your Server Crashes Backup Fast, Recover Faster Fast and Reliable Disaster Recovery, Data Protection, System.

How to Ensure Your Business Survives, Even if Your Server Crashes Backup Fast, Recover Faster Fast and Reliable Disaster Recovery, Data Protection, System.
Recovery Planning A Holistic View Adam Backman, President White Star Software

Recovery Planning A Holistic View Adam Backman, President White Star Software
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.

Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Preservasi Informasi Digital.  It will never happen here!  Common Causes of Loss of Data  Accidental Erasure (delete, power, backup)  Viruses and.

Preservasi Informasi Digital.  It will never happen here!  Common Causes of Loss of Data  Accidental Erasure (delete, power, backup)  Viruses and.
COMPUTER BACKUP A disaster will happen to you one day…an accidentally deleted file, a new program that caused problems or a virus that wreaked havoc, wiping.

COMPUTER BACKUP A disaster will happen to you one day…an accidentally deleted file, a new program that caused problems or a virus that wreaked havoc, wiping.
Back Up and Recovery Sue Kayton February 2013.

Back Up and Recovery Sue Kayton February 2013.
Source XP vs Windows 7 XPWin 7.

Source XP vs Windows 7 XPWin 7.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
Client Management. Introduction In a typical organization there are a lot of client machines used for day to day operations Client management is a necessary.

Client Management. Introduction In a typical organization there are a lot of client machines used for day to day operations Client management is a necessary.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Similar presentations

Ads by Google