Chapter 5. Virus Outbreak I
This chapter details the case of a virus attack, highlighting the potential harm that viruses can cause. It shows that virus investigations involve not only identifying the source of the infection but also determining the depth of infection.
It is widely believed that protecting e-mail, the most common way for viruses to propagate, should be enough to mitigate the risk of being hit with a virus. However, this case shows that poor firewall configuration, combined with a lack of patch management, can also leave a network open to a virus infection.
Some time ago we received a call from a biomedical research firm for which we had previously installed several UNIX systems. The firm was having trouble with its systems ...