Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: attcan!vpk1!john@uunet.uu.net
Newsgroups: comp.virus
Subject: re: other ways for viral injection?
Message-ID: <0002.9008011328.AA03754@ubu.cert.sei.cmu.edu>
Date: 30 Jul 90 20:14:35 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 39
Approved: krvw@sei.cmu.edu

>        Does somebody known if there was some cases of
>viral infection that came through other than floppy exchange
>and data interchange over Internet ? I think to other networks,
>through atmospheric radio transmissions, magnetic induction, ...

	I think back to a wonderful little nasty from the CP/M
days. There was a version of MODEM7 floating around that had a patch
in it that caused it to do all sorts of neat things when certain
character sequences were received over the async channel. One of these
nasty things was to take a character string coming in over the modem
and patch it into the bios at a jump vector specified in the incoming
string. I'm sure this was probably intended to allow someone to do
something useful such as replace I/O drivers on the fly for things
like remote tty services or other form of redirection. But, if you had
a nasty streak and you knew about this 'backdoor', imagine the damage
you could have done. (btw: it did this patching with no notification
to the user of the 'patched' machine). This was actually one of the
slickest little routines I ever saw in the CP/M 'virus/trojan' category
and it has caused me to run all of my comm programs through a datagram
analyzer while I'm 'breaking them in'. Especially if they are 'special'
purpose comm programs or if they require passwords to be automatically
sent by the package rather than manually entered by the user. As for
other networks....I can't think of a network that HASN'T come under attack
in one way or another. Magnetic induction? Hmmmm...I don't think the
technology is advanced enough to permit a focused field of the precision
required to affect a machine (selectively altering bits that is) from
an external source. Of course a good magnetic 'bulk eraser' provides a
quick method of simplifying your file management :)

____________________________________________________________________________
        ===
      =--====  AT&T Canada Inc.             John Benfield
     =----==== 3650 Victoria Park Ave.      Network Support Analyst (MIS)
     =----==== Suite 800
     ==--===== Willowdale, Ontario          attmail   : ~jbenfield
      =======  M2H-3P7			    email     : uunet!attcan!john
        ===    (416) 756-5221               Compu$erve: 72137,722

____"Sometimes it just happens...People explode...Natural causes."__________