Malware Counter Measure Standard Operation Procedure in Old Corporations

I have a few experience in playing around with cyber attacks, but it was merely a curiosity and I did this on my own PCs and virtual machines. Back then I tried exploiting the vulnerability on port 445 SMB using an exploit prepared by Metasploit. Metasploit also provided a tool to make backdoors (Trojan) which I practice after hijacking. The result was I can remotely control the victim’s PC and after I activate the backdoor, I can connect whenever I want. Then after the vulnerability is patched (system updated) exploiting port 445 no longer works as explained on this lecture but for as long the backdoor is still implanted I can still remotely connect through there. If the vulnerability is exploited once and the system got infected by a virus, just patching it will not be enough. The infection must be healed. This is the fourth assignment from my Masters Advanced Network Security Course which has never been published anywhere and I, as the author and copyright holder, license this assignment customized CC-BY-SA where anyone can share, copy, republish, and sell on condition to state my name as the author and notify that the original and open version available here.

1. Cyber Attacks Can Come From Based on This Lecture

1. Kernel and server side of OS.