Path: utzoo!utgpu!watserv1!watmath!att!att!emory!wuarchive!zaphod.mps.ohio-state.edu!ub!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: gribble@cica.cica.indiana.edu
Newsgroups: comp.virus
Subject: Viruses and Novell's Netware
Message-ID: <0002.9010291826.AA04361@ubu.cert.sei.cmu.edu>
Date: 22 Oct 90 14:33:58 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 20
Approved: krvw@sei.cmu.edu

I would like to hear of Sys Administrators experiences w/ Viruses on
Novell Networks.  Our servers were infected w/ Jerusalem B several weeks
ago and I'm gathering as much info as I can.

Particuliarly interested in:

- -viruses ability to bypass SRO flags
- -other vulnerable Novell security "holes"
- -what about Execute only?  does it really protect?
- -are the FATs safe?
- -Is Write enough or does a virus also need Modify to bypass the SRO?

I've experimented w/ some of these and haven't arrived at any firm conclusions.
If requested, responses will be kept in strict confidence.

- --
**************************************************************************
* Steve Gribble  (812) 855-9172/7629         gribble@cica.cica.indiana.edu
* Systems Manager, Inst. of Social Research  swg@iumail.ucs.indiana.edu
* Dept. of Sociology, Indiana University     gribble@iubacs