The document is an internship report submitted by Subarno Saha summarizing his work on the Malware Cleanup Project at Robi Axiata Ltd. under the supervision of Kranti Mahmud and Zakir Muhammad Ashraful Bari. The report details Subarno's activities which included identifying infected workstations, updating antivirus signatures, scanning for malware, and contacting security teams. It also outlines additional projects on mail archiving, BitLocker management, credential removal, workstation setup, and attending a merger program. The report concludes with acknowledgements of achievements and appreciation received from managers.
1. Internship Report on
“Malware Cleanup Project”
Under the Project of OSS & IT Operations, Technology Division
Robi Axiata Ltd.
2. Malware Cleanup Project
Report submitted in partial fulfillment of the internship at Robi Axiata Limited
Under the Supervision of
Kranti Mahmud
Zakir Muhammad Ashraful Bari
By
Subarno Saha
April 2016
3. DECLARATION
I do hereby declare that this internship report on ''Malware Cleanup Project" of OSS & IT
Operations under Technology Division of 'Robi Axiata Ltd.' has been prepared by me under the
supervision of Kranti Mahmud and Zakir Muhammad Ashraful Bari. This report is original in
nature and has not been submitted elsewhere for any other purpose. The materials of work found
by other researchers and sources are properly acknowledged and mentioned by reference.
Dated: 6th
April 2016
Signature of Author
_________________________________________
Subarno Saha
Intern, Malware Cleanup Project
Technology Division,Central Operation
Robi Axiata Ltd
4. FINAL READING APPROVAL
Internship Project : Malware Cleanup Project
Date of Submission : 6th
April 2016
The final report is satisfactory and it’s all materials are also acceptable and ready for the
submission.
Signature of Supervisors
__________________________________ _______________________________
Zakir Muhammad Ashraful Bari Kranti Mahmud
Manager General Manager
IT Service Desk OSS & IT Operations
Technology Division Technology Division
Robi Axiata Ltd. Robi Axiata Ltd.
5. PREFACE
First and foremost I am grateful to Almighty for blessing me with such opportunity of learning
and ability to successfully complete Internship at Robi Axiata Ltd.
I am also thankful to my supervisors Kranti Mahmud and Zakir Muhammad Ashraful Bari for
guiding me throughout the project work. Without their suggestions and assistance it was
impossible for me to complete the project.
Finally I am also thankful to my colleagues with whom I passed a memorable time.
Rafi-Al –Razi , Specialist, Robi Axiata Ltd
Imtiaz Hasan, Edotco Bangladesh
Md. Mahmudul Islam, Edotco Bangladesh
Abdur Nur Md. Yahya, Specialist, Robi Axiata Ltd
Palash Kumar Ghosh, Specialist, Robi Axiata Ltd
Gouranga Chandra Das, Specialist, Robi Axiata Ltd
M. Imran Ahmed, Specialist, Robi Axiata Ltd
Md. Dider Hossain Rony, Specialist, Robi Axiata Ltd
6. TABLE OF CONTENTS
CHAPTER 1 INTRODUCTION page#
1.1 Why Internship 01-01
1.2 Why Robi 01-01
CHAPTER 2 ACTIVITIES UNDERTAKEN
2.1 Malware Cleanup Project 02-02
2.1.1 Limitations 02-02
2.1.2 Recommendations 02-03
CHAPTER 3 ADDITIONAL WORKS
3.1 Mail Archiving Project 04-04
3.2 Bit locker refresh/password reset 04-04
3.3 Remove stored passwords, certificates, and other credentials 05-05
3.4 Workstation setup/configuration 05-05
3.5 An attendee to Robi Airtel Merger Program 05-05
CHAPTER 4 ACHIEVENTS 06-07
CHAPTER 4 CONCLUSION 08-08
CHAPTER 5 BIBLIOGRAPHY 08-08
END NOTE 09-11
7. Page 1 of 11
CHAPTER 1
INTRODUCTION
At the end of December 2015,a group of undergraduate students were selected to perform
internship at Robi Axiata Limited from 7th
January 2016.Students were selected to different
projects by the project advisor, based on their qualities for the work.The projects were supervised
by the respective line manager. I was selected as an Intern at Technology Division user the
supervision of Kranti Mahbub, General Manager,OSS & IT Operations,Technology Division,
Robi Axiata Ltd. This report provides a short summary of “Malware Cleanup Project” with other
addition work. This report is prepared on the basis of my three-month practical experience at
Robi Axiata Limited. This internship program helped me to learn about the practical scenario of
a Telecommunication Company.
1.1 Why Internship
As a University student I have only the theory based knowledge. But practical or real world is
much different from the theory based world. As I have no practical knowledge I do prefer to
have hand on experience. Internships are key to building experience as a student or recent
graduate. Employers are much more likely to hire someone with internships and work experience
rather than someone with a generic resume, lacking experience. Joining a company as an intern
gives you the opportunity to work hands on in a professional environment. Internships help by
teaching you more about the career path you are pursuing. Internships are a way to test drive
possible jobs and explore different career options. Moreover team management is on the best
need of real world. To cope up with the real world one should manage a good team management
skills. So for this skill one should join for an internship after university life. Finally to maintain a
good time management skill one should take internship after graduation.
1.2 Why Robi
Robi Axiata Limited is one of the most leading mobile operator in Bangladesh. Robi focuses on
developing & sharpening the technical skills of fresh graduates of our country. They encourages
the fresh graduates to develop their skills, their interest. From my student life I found many
programs where Robi sponsored to run the program. So I preferred Robi for my internship.
8. Page 2 of 11
CHAPTER 2
ACTIVITIES UNDERTAKEN
2.1 Malware Cleanup Project
Malware is a set of instructions that run on a computer and make the system do something that
an attacker wants it to do. Malware steals personal information, delete files, spread spam and
tracks user’s activity. My job tasks in this project are to identify the threat workstation form the
threat database. Checking whether the Antivirus signature (DLP, Data Loss Prevention) is
updated or not. If not then update the signature. Sometime manual update is not possible than
setup/configure the software with proper admin permission and steps. Scanning the threat
workstation remotely and checking the On Demand Scan Log whether malware is still present or
not. If still present then upload the Getsusp log to system server and then contact with the
security team for further process.
2.1.1 Limitations
I have to face some limitations of workstation access .Such as user’s unavailability, LAN
connection problem etc. Most of the users were in remote area so due to LAN connection
problems I could not access to end user workstation. Sometimes users were not free of my time
so I have to take time from them and completed my work on their free time.
2.1.2 Recommendations
The battle for IT security will never end, but the application of best practice and the effective
sharing of available knowledge. We recommend that as a business you take steps to review, and
invest where necessary, to improve security in the following key areas:
User Education & Awareness
Establish a Staff training program for increasing user awareness of the malware risks.
9. Page 3 of 11
Managing user privileges
Establish account management processes and limit the number of privileged accounts. Limit user
privileges and monitor user activity.
Removable Media Controls
Removable media access control is already maintaining by the DLP end user policy. System
team need to make another policy like, if the user doesn’t scan the removable media then the user
can’t access to it.
Regular Monitoring
System team should regularly monitor strategy & produce supporting policies. Continuously
monitor all ICT systems & networks. Analyze logs for unusual activity that could indicate an
attack.
10. Page 4 of 11
CHAPTER 3
ADDITIONAL WORKS
In addition to the Malware cleanup project I have to perform other works also. Such as
3.1 Mail Archiving Project
Exchange Online Archiving is an additional specialized mailbox that works in tandem with users
Primary Exchange Mailbox allowing messages to be quickly and easily archived to simplify
mailbox size management.This solution utilizes server-side storage that works in a similar
manner to the traditional Personal Folders (PST) files. This approach has the advantage of being
backed-up nightly, can have messages moved into it automatically,and is available within
Webmail (http://mail.robi.com.bd/owa) providing access on and off Office. Users email will be
auto archived to Microsoft cloud storage. Users need not to archive email on their own Laptop
HDD. Emails older than 15 Days will be auto archived to Microsoft cloud storage. Archived
emails will be accessible from both outlook & webmail. i.e. you can access your archived email
from outside office network.
The task of this project is to default the ost from pst. This time I got excel file where a list of
people name where available whose outlook was default to PST(personal archive folder).For this
work first I contact with the user, informed him/her about the issue, note down the user's
available time and on that time I changed the archive folder to exchange remotely with the
permission of the user.
3.2 Bit locker refresh/password reset
The life time of bit locker is 5 times. When user put 5 times wrong password than the blocker
account gets locked. Sometimes bit locker doesn't take password if a cd in the cd rom or caps
lock on/off. In this time the support cannot be provided remotely so we have to request the user
to send the laptop to us(IT Help Desk).This time I have to send the Computer Name and the
previous recovery key to the team member who have the admin access of generating recovery
key for bit locker.
When a user already put2/3 times wrong password but successfully logged in than we can
remotely refresh the bit locker from the control panel if the user call logged to IT Support. It
helps the user for getting 5 times lifetime again.
11. Page 5 of 11
3.3 Remove stored passwords, certificates, and other credentials
Credential Manager allows you to store credentials, such as user names and passwords that you
use to log on to websites or other computers on a network. By storing your credentials, Windows
can automatically log you on to websites or other computers. Credentials are saved in special
folders on your computer called vaults. Windows and programs (such as web browsers) can
securely give the credentials in the vaults to other computers and websites.
If you no longer need credentials stored on your computer that you use to log on to websites or
other computers on a network, follow the steps below to delete them. For more information
about stored credentials, see Store passwords, certificates, and other credentials for automatic
logon.
3.4 Workstation setup/configuration
Full setup of workstation with Acronis or R-drive image software. After installation I have to set up the
domain (robi.com.bd) with the PC name with End user Employee ID. Finally I have to encrypt the
workstation with bit locker drive encryption software.
3.5 An attendee to Robi Airtel Merger Program
I got the permission for attending the Robi Airtel Merger Program which was held at BTRC office, Dhaka.
12. Page 6 of 11
CHAPTER 4
ACHIEVEMENTS
After completing my project successfully I got appreciation from my Team Manager and Vice
President of Technology Division, Robi Axiata Limited.
#appreciation from Muditha Gunasekara, VP, Technology Division
13. Page 7 of 11
#appreciation from Zakir Bari, Manager, IT Service Desk
14. Page 8 of 11
CHAPTER 5
CONCLUSION
According to my own experience working with Robi is a memorable part of my life. Robi’s
working environment is very nice and friendly specially the OSS & IT Operations team who
always on work pressure but never forget to share their joyful moments to each other. The senior
who are working here are very helpful with the new employee's. So I found myself really lucky
and honored to be a part of Robi family.
CHAPTER 6
BIBLIOGRAPHY
www.robi.com.bd
_______________
15. Page 9 of 11
END NOTE
I would like to end this report by thanking the people who helped me with the project work and add a
few pictures.
# Ice Breaking session
16. Page 10 of 11
# supporting our tigers
#Treat time