Well if somebody who reads the CPunk list is "fixing" a failed Microsoft
On 09/19/2017 07:37 AM, Georgi Guninski wrote:
> Is it still good practice to reinstall everything after you are owned?
>
> It used to be, but after reading about windows viruses I am not sure it
> is.
operating system, that implies that the computer in question belongs to
somebody else who demands Microsoft. In that case, industry best
practice is to follow the most expensive path possible: "It is morally
wrong to allow a sucker to keep his money." The more of a client or
employer's money you spend, the more important your job appears to be
and the more /you/ can charge.
So you will want to go shopping, and buy any "upgrades" that are
available. Assure that the anti-virus and related tools installed are
the very most expensive. If possible replace hardware, not just
software. Explore the potential for adding firewall appliances etc. to
the network the compromised system plugs into - every security incident
is a window of sales opportunity and, thanks to the popular press and
the efforts of Microsoft and other snake oil vendors, the sky is not
necessarily the limit. Start building a case to change out /everything/
IT related at the shop in question for the most expensive and massively
over-built infrastructure possible - where and as this becomes possible,
it qualifies as a Total Win.
Also bear in mind that once Microsoft has been specified, "security" is
out the window and compliance with popular misconceptions and IT sales
literature constitute due diligence on the security front. As a
practical security objective, you will want to see the largest number of
security incidents your client or employer will tolerate going forward,
as you play the part of a heroic warrior battling hordes of Evil Genius
Super Hackers on their behalf. Do this well, with a straight face and
the assistance of talking points from your vendors, to meet the only
security objective that matters: Your job and retirement security.
Remember that an occasional /real/ loss of important assets will assure
that your client or employer values your services very highly. If
things get too quiet around the shop for too long, dropping a couple of
anonymous tips on security issues at your shop in "hacking" forums -
make them look like a disgruntled ex-employee looking for pay-back - can
do wonders to boost your importance in the eyes of management.
:o)