Getting infected on purpose


Erik
09-08-2005, 01:39 AM
I just graduated from college with a BS in computer science. I also got my CCNA in August, and am currently working towards my A+. I am looking for a job in the networking field as my ultimate goal, but any type of IT job just to get my foot in the door. I am also seriously considering working for a CompUSA or Geek Squad until I find something else, after getting A+ as they seem to require it. At least that would give me some real in-the-field experience to put on my resume.

I am wondering if getting a computer infected with all sorts of viruses and malware on purpose would be a good training tool. Of course I would be using some old computer that I wouldn't care about, and would plan on formatting when done with the experiment. I would also somehow keep it well separated from the rest of my network by putting it on a separate subnet or some such thing to prevent my other computers from getting infected.

Basically my plan would be to just surf the nastiest of the nasty websites without an AV, firewall (other than NAT), and running an unpatched version of Windows and IE. I would then work to get the computer well infected, and then try my best to get it completely free of all infection without resorting to formatting. My only question is if this is actually a valuable exercise, or just a waste of time.

Thanks for any input.

pangea33
09-08-2005, 04:23 AM
Seems like an exercise in frustration, or an excuse to surf the nastiest of nasty sites :-) but no experience is without value. Good luck in your endeavor, I'd be interested in hearing how it works out for you. It seems like your learning would be useful, and there are plenty of baddies available on the Intarweb.

Sylvander
09-08-2005, 05:14 AM
Wouldn't it be great if you could begin with 2 identical software systems [sets of files], probably on the same PC but in different partitions, or on different HDDs with one disconnected & reconnected to scan; both clean initially.
Then you get one of them infected and compare the changes in the files along the way.
Surely that's the only way you would know what changes were taking place.
Otherwise when you try to clean up the infected system you never know for sure if it's clean or whether there is still something hiding and undetected.
But are there any utilities out there that will compare 2 sets of file contents?
"sfc" is supposed to list all changes, but does it really do it in these circumstances?
Then when you find out what changes have taken place, would you know the significance?
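
The "compare 2 sets of file contents" idea above is a baseline-and-diff check. Here is an added worked example of it (my own illustration, not code from anyone in this thread, and not what sfc does): it hashes every regular file under a root, saves that as the clean baseline, and later reports which files were added, removed or changed. The directory tree it walks, the file names (kernel32.dll, win.ini, svch0st.exe) and the "infection" it simulates are all constructed in a temp directory so the script runs offline; they stand in for a real Windows partition.

```python
import hashlib
import json
import os
import tempfile
from pathlib import Path


def hash_file(path, chunk=65536):
    """SHA-256 of a file's contents. Content hashing, not size or mtime:
    malware routinely keeps a patched file the same size and resets timestamps."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def snapshot(root):
    """Map every regular file under root (relative POSIX path) to its size and hash.
    Symlinks are skipped so a planted link cannot pull in files outside the tree."""
    root = Path(root)
    snap = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()
        for name in sorted(filenames):
            p = Path(dirpath) / name
            if p.is_symlink() or not p.is_file():
                continue
            rel = p.relative_to(root).as_posix()
            snap[rel] = {"size": p.stat().st_size, "sha256": hash_file(p)}
    return snap


def save_baseline(snap, path):
    """Persist the clean snapshot. In practice write this to media the test box
    cannot touch afterwards (the 'disconnected HDD' in the post)."""
    Path(path).write_text(json.dumps(snap, indent=1, sort_keys=True))


def load_baseline(path):
    return json.loads(Path(path).read_text())


def compare(baseline, current):
    """Diff two snapshots: new files, deleted files, and files whose hash moved."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(
        p for p in set(baseline) & set(current)
        if baseline[p]["sha256"] != current[p]["sha256"]
    )
    return {"added": added, "removed": removed, "changed": changed}


def demo():
    """Constructed scenario: build a tiny 'clean' tree, baseline it, then simulate
    what a dropper might do (new binary, patched DLL, edited win.ini load= line,
    deleted file) and return the diff. All names and contents are made up."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        sys32 = root / "windows" / "system32"
        sys32.mkdir(parents=True)
        (sys32 / "kernel32.dll").write_bytes(b"clean kernel32 image")
        (root / "windows" / "win.ini").write_text("[windows]\nload=\n")
        (root / "notes.txt").write_text("harmless user file\n")

        baseline_file = root / ".." / "baseline.json"  # outside the scanned tree
        save_baseline(snapshot(root), baseline_file)

        # --- simulated infection (constructed, not a real sample) ---
        (sys32 / "svch0st.exe").write_bytes(b"MZ constructed dropper stub")
        (sys32 / "kernel32.dll").write_bytes(b"patched kernel32 image")
        (root / "windows" / "win.ini").write_text(
            "[windows]\nload=C:\\windows\\system32\\svch0st.exe\n")
        (root / "notes.txt").unlink()

        result = compare(load_baseline(baseline_file), snapshot(root))
        baseline_file.unlink()
        return result


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The caveat a practitioner would add to the post's plan: a snapshot taken from inside the infected OS can be lied to, because a kernel rootkit that hooks file enumeration or reads will hide its files or hand back clean bytes. The "different HDDs with one disconnected" arrangement the post describes is the right instinct: take both snapshots from a second, trusted boot, with the suspect disk mounted read-only, and keep the baseline file off the suspect disk.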

ErnieK
09-08-2005, 05:36 AM
This was done by SOPHOS and the results were as follows.

Computers, without any form of security, were connected to the internet and left to just sit there doing nothing. It was discovered that there was a 50% chance of them becoming infected within 12 MINUTES. After 45 minutes this rose to a 90% chance. (Remember this was where the computer was left to sit doing nothing whilst connected to the internet - no surfing etc.)

Budfred
09-08-2005, 09:05 AM
A number of malware fighters use either a test box or a VMWare environment to do just that, but I would not recommend it to start learning about fighting malware... If you want to learn, go to Boot Camp at SpyWareInfo, the Classroom at TomCoyote or one of the other schools online that offer training...