Malware Counter Measure Standard Operation Procedure in Old Corporations

5 min readJan 31, 2021

I have a few experience in playing around with cyber attacks, but it was merely a curiosity and I did this on my own PCs and virtual machines. Back then I tried exploiting the vulnerability on port 445 SMB using an exploit prepared by Metasploit. Metasploit also provided a tool to make backdoors (Trojan) which I practice after hijacking. The result was I can remotely control the victim’s PC and after I activate the backdoor, I can connect whenever I want. Then after the vulnerability is patched (system updated) exploiting port 445 no longer works as explained on this lecture but for as long the backdoor is still implanted I can still remotely connect through there. If the vulnerability is exploited once and the system got infected by a virus, just patching it will not be enough. The infection must be healed. This is the fourth assignment from my Masters Advanced Network Security Course which has never been published anywhere and I, as the author and copyright holder, license this assignment customized CC-BY-SA where anyone can share, copy, republish, and sell on condition to state my name as the author and notify that the original and open version available here.

1. Cyber Attacks Can Come From Based on This Lecture

Kernel and server side of OS.
Application vulnerabilities.
Before and after infection of worm or virus.

Most famous attack is buffer overflow. PCs for file sharing are susceptible to remote buffer overflow. What happens if vulnerability is announced

With patch or update available.
No patch or update available.

The first case automatically or manually apply the patch. The second case disable the application or port that is vulnerable. Vulnerability can be:

Vulnerability due to design and programming error.
Vulnerability due to misconfiguration.
Vulnerability due to modules.

In case of design, the service must be disabled and reprogram. Case of misconfiguration, edit the configuration file, and as for modules disable and edit the module. To handle the vulnerabilities above the…

Malware Counter Measure Standard Operation Procedure in Old Corporations

1. Cyber Attacks Can Come From Based on This Lecture

Written by Fajar Purnama

More from Fajar Purnama

My Opinion of XSS/CSS, Digital Forensic, and Digital Crime Investigation when I was a Young Student

My Opinion of XSS/CSS, Digital Forensic, and Digital Crime Investigation when I was a Young Student

Financial Technical Analysis Crypto Narrative Chapter 7 Harmonic Pattern

Most harmonic patterns have five phases forming XABCD pattern and we use Fibonacci Golden Ratios measurement to classify harmonic patterns.

Penggunaan Nagios di Lab Komputer Teknik Elektro Universitas Udayana

Tugas dari mata kuliah Kehandalan Sistem Telekomunikasi S1 saya mengenai aplikasi Nagios yang dapat memantau keadaan jaringan komputer.

4 Browsers that Rewards Users in Cryptocurrencies

Brave Browser, Netbox Browser, Bittube Browser or Extension, and Cryptotab Browser.

Recommended from Medium

3 Advanced (and Unique) ChatGPT Uses You’ve Likely Not Seen Before

Valuable “meta” use cases I’ve found in 10 months of tinkering with ChatGPT

Behind the Scenes: The Daily Grind of Threat Hunter

I turned a Twitter thread into a blog post on the topic of threat hunting. This is an example of the real-world steps involved during a…

Lists

AI Regulation

ChatGPT prompts

ChatGPT

Generative AI Recommended Reading

JSON is incredibly slow: Here’s What’s Faster!

Unlocking the Need for Speed: Optimizing JSON Performance for Lightning-Fast Apps and Finding Alternatives to it!

The ChatGPT Hype Is Over — Now Watch How Google Will Kill ChatGPT.

It never happens instantly. The business game is longer than you know.

This is Why I Didn’t Accept You as a Senior Software Engineer

An Alarming Trend in The Software Industry

How to Convert Any Text Into a Graph of Concepts

A method to convert any text corpus into a Knowledge Graph using Mistral 7B.