Author

Topic: Network with compromised machine (Read 1164 times)

legendary
Activity: 4214
Merit: 1313
August 13, 2016, 04:25:15 PM
#5
(as long as the virus doesn't lie within the motherboard's BIOS).

Any examples of this?



What are the vectors from a compromised machine on a network? Can running an OS within an OS, or something of that nature, protect from these?

If you google bios virus, you'll see examples:
e.g. http://www.tomshardware.com/news/bios-virus-rootkit-security-backdoor,7400.html
member
Activity: 82
Merit: 10
August 13, 2016, 02:39:48 PM
#4
(as long as the virus doesn't lie within the motherboard's BIOS).

Any examples of this?



What are the vectors from a compromised machine on a network? Can running an OS within an OS, or something of that nature, protect from these?
sr. member
Activity: 373
Merit: 252
August 13, 2016, 01:08:49 PM
#3
As unamis76 mentioned, your first step should be to disconnect that device from your network, as well as any other connections to other devices. Instead of cleaning the infected computer I'd recommend backing up important data using a Bootable OS (Ubuntu, for example) , then completely wiping the drives in the machine, and finally reinstalling the operating system. That should ensure the machine is no longer infected (as long as the virus doesn't lie within the motherboard's BIOS).
legendary
Activity: 1512
Merit: 1012
August 13, 2016, 11:25:44 AM
#2
Disconnect it from the network immediately. Clean the compromised machines.

If these aren't feasible solutions, install a firewall and an antivirus...
member
Activity: 82
Merit: 10
August 12, 2016, 05:37:09 PM
#1
best way to isolate a clean machine on a network with compromised ones?
Jump to: