• Remove the initial attack vector
  – Perform vulnerability assessment
    • Check machine that has been attacked, as well as related systems (same subnet, shared trust relationships, etc.)
  – Obtain software patches to remove attack vector, if available
  – Resolve configuration issues
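One way to turn the "related systems" bullet into a concrete assessment scope, as an added example that is not part of the original slides. The inventory format, host names, addresses and the `trusts` field are constructed assumptions.

```python
import ipaddress

# Constructed sample inventory (hypothetical hosts, not from the slides).
# "trusts" lists the hosts this machine accepts logins or credentials from.
INVENTORY = {
    "web01":   {"ip": "10.0.1.10", "prefix": 24, "trusts": ["build01"]},
    "web02":   {"ip": "10.0.1.11", "prefix": 24, "trusts": []},
    "db01":    {"ip": "10.0.2.20", "prefix": 24, "trusts": ["web01"]},
    "build01": {"ip": "10.0.3.5",  "prefix": 24, "trusts": []},
    "hr01":    {"ip": "10.0.9.7",  "prefix": 24, "trusts": []},
}


def assessment_scope(compromised, inventory):
    """Return {host: [reasons]} for every system the assessment should cover."""
    victim = inventory[compromised]
    # Derive the attacked machine's subnet from its address and prefix length.
    net = ipaddress.ip_interface(f"{victim['ip']}/{victim['prefix']}").network
    scope = {compromised: ["attacked machine"]}
    for name, host in inventory.items():
        if name == compromised:
            continue
        reasons = []
        if ipaddress.ip_address(host["ip"]) in net:
            reasons.append(f"same subnet {net}")
        # Trust is checked in both directions: either side may expose the other.
        if compromised in host["trusts"]:
            reasons.append("trusts the attacked machine")
        if name in victim["trusts"]:
            reasons.append("trusted by the attacked machine")
        if reasons:
            scope[name] = reasons
    return scope


if __name__ == "__main__":
    for host, why in assessment_scope("web01", INVENTORY).items():
        print(f"{host}: {', '.join(why)}")
```

Hosts outside the returned scope (here `hr01`) share neither the subnet nor a trust relationship with the attacked machine.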