
business: containment

technical: clean-up

technical: cybersecurity

Corporate Clean-Up

by Brent Kirkpatrick


After a breach, cleaning up a corporate network takes focused effort.

If your company gets hacked, you can clean it up with dedicated attention to the operating systems and networks. Each computer can be cleaned up, one at a time, starting with the infrastructure computers:

  • gateways,
  • routers,
  • access points,
  • DNS server(s),
  • mail servers,
  • backup servers, and
  • web servers.

In the worst case, each computer has to be cleaned up by re-installing a newly secured OS.

Sometimes the network has to be modified to improve its defenses, so that the newly installed OSes on the servers stay secure. So the network infrastructure (gateways, routers, and access points) should be improved first, to block the transmission of worms in the infection stage. After that, the servers can be cleaned up.

A particular vulnerability is the DNS server, which needs to be prioritized for repair, since it is heavily targeted. After the infrastructure is secured, the DNS server can be re-installed, patched, and returned to service. It is necessary to install the latest version of DNS, which today is DNSSEC.

After the infrastructure and DNS servers are cleaned up, the servers, workstations, and mobile devices can be updated or repaired, provided that the vendor has released the right patches. This order matters because routing must deliver packets reliably and securely, and address resolution must be correct. Together, these allow a newly installed server to update securely and then provide its service reliably and securely.

Today, it is often necessary to update an OS directly after its installation in order for it to remain secure. Most computers, both servers and workstations, are hacked the first time they are connected to the Internet. This is, in part, because the latest security patches come in the update stream, not in the installation kit.

There are two main considerations for security updates:

  • It is often possible to secure an OS without updates, by using infrastructure defenses.
  • The updates must be securely downloaded from an authorized, secure server, or they might be Trojan updates.

If your clean computer gets hacked as soon as it is plugged into the network or as soon as it is updated, then you are strongly encouraged to use stronger infrastructure defenses and to avoid updating the operating system.
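
One way to act on the second consideration before installing anything, shown as an added example that is not from the original article: compare each downloaded update against a digest manifest and refuse files that differ or are not listed. The manifest format (sha256sum-style lines), the file names, and the assumption that the manifest itself was obtained over a channel you already trust are all illustrative.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def parse_manifest(text):
    """Parse sha256sum-style lines ('<hex digest>  <file name>') into a dict."""
    pinned = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, name = line.split(maxsplit=1)
        pinned[name.lstrip("*")] = digest.lower()
    return pinned

def sha256_file(path, chunk=1 << 16):
    """Hash the file in chunks so large update packages do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_update(path, pinned):
    """Return 'ok', 'mismatch' or 'unlisted'; install only on 'ok'."""
    expected = pinned.get(Path(path).name)
    if expected is None:
        return "unlisted"  # fail closed: a file the manifest never listed
    actual = sha256_file(path)
    return "ok" if hmac.compare_digest(actual, expected) else "mismatch"

def demo():
    """Constructed sample: a listed package, the same package altered, an unlisted one."""
    with tempfile.TemporaryDirectory() as d:
        pkg = Path(d, "os-update-1.pkg")  # hypothetical file name
        pkg.write_bytes(b"constructed patch contents\n")
        # Assumption: this manifest arrived over a channel you already trust.
        pinned = parse_manifest(f"# constructed manifest\n{sha256_file(pkg)}  {pkg.name}\n")
        results = [verify_update(pkg, pinned)]
        pkg.write_bytes(b"constructed patch contents\nextra bytes\n")
        results.append(verify_update(pkg, pinned))
        other = Path(d, "unknown.pkg")
        other.write_bytes(b"constructed\n")
        results.append(verify_update(other, pinned))
        return results

if __name__ == "__main__":
    print(demo())
```

A digest check only shows that the file matches the manifest; it says nothing about a manifest that was itself replaced, so the manifest has to come from a source that the cleaned-up infrastructure can reach securely.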

Intrepid Net Computing provides a customized clean-up service with on-site help and training for your IT staff.


© 2015-2021 Intrepid Net Computing. All rights reserved.