Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!cica!iuvax!ux1.cso.uiuc.edu!tank!eecae!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: ut-emx!chrisj@cs.utexas.edu (Chris Johnson) Newsgroups: comp.virus Subject: Re: Help...Virus Attack (Mac) Message-ID: <0005.8911201547.AA05782@ge.sei.cmu.edu> Date: 18 Nov 89 22:31:27 GMT Sender: Virus Discussion List Lines: 46 Approved: krvw@sei.cmu.edu Garry Feldman, Supervisor, CCSU Apple Computer Lab, writes about his problems fighting viruses in a public access computer lab and mentions a problem that forced him to abandon the Gatekeeper anti-virus system: >I tried using gatekeeper, but programs such as Excel would not work. Judging from this description, you need to use the current version of Gatekeeper, 1.1.1. It's been out since 26-June and can be found in the sumex info-mac archives. The problem, for the record, was in Excel - not Gatekeeper. Nonetheless, I coded around that problem (and a number of others) in the interest of sparing people just the sort of problems you've experienced. So give 1.1.1 a try - I think you'll find that it works well. By the way, the Computation Center here at U.T. has installed Gatekeeper on all the Macs (33 of 'em) in its public access microcomputer lab, and found it completely effective. Of course, if users insist on starting Macs from their own disks, Gatekeeper is effectively out of the picture. In practice, though, we don't have much trouble with that since (a) users tend to need software like the LaserWriter driver and the UserInfo RDEV that tend to be unique to the disks we provide, and (b) we scan the disks checked out to each user with Disinfectant 1.2 after the user leaves - if we find the disks are infected, that student (whose ID number was logged when they checked-in) is not allowed to use the facility again until they've allowed us to clean their disks (we explain about viruses and give them copies of Disinfectant and Gatekeeper at that time). This approach has kept our lab completely clean, and has *dramatically* reduced the number of viruses present in our user community. Of course, this approach isn't possible in an unattended lab. In that environ- ment, you have to depend on automatic systems like Gatekeeper almost entirely. And Gatekeeper works extremely well in such environments. Even if some users start Macs from their own, infected disks and thereby infect your lab's Macs, Gatekeeper is still valuable since it will protect later users who do startup from your disks from the viruses left behind by the other users. I hope this helps, - ----Chris (Johnson) - ----Author of Gatekeeper - ----chrisj@emx.utexas.edu