Xref: utzoo comp.sys.ibm.pc.misc:3977 comp.sys.ibm.pc.hardware:3297 Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!magnus.ircc.ohio-state.edu!news From: smsmith@hpuxa.ircc.ohio-state.edu (Stephen M. Smith) Newsgroups: comp.sys.ibm.pc.misc,comp.sys.ibm.pc.hardware Subject: Re: Need to disable A: and B: Message-ID: <1990Nov22.020143.26988@magnus.ircc.ohio-state.edu> Date: 22 Nov 90 02:01:43 GMT References: <11754@hubcap.clemson.edu> Sender: news@magnus.ircc.ohio-state.edu Organization: The Ohio State University (IRCC) Lines: 67 Nntp-Posting-Host: hpuxa.ircc.ohio-state.edu hrbaan@cs.ruu.nl (Hayo Baan) writes: >In <11754@hubcap.clemson.edu> chrisb@hubcap.clemson.edu >(Chris Behrens) writes: > >>The setup: I run a computer lab on campus which is clobbered by the >>Stoned and Ping Pong viruses... [deletions] >>Is there a program/utility which will allow me to disable the disk >>drive ??? (A: and B: are in the same physical drive) > >Try this : >ASSIGN a=c b=c >that way all the acceses to drive A: and B: will go to drive C:. this excludes >however some programs like FORMAT (check the manual for this). The drawback about including the "assign" command in your autoexec.bat file is that anybody who knows anything about DOS can just enter "ASSIGN" and the system will reset itself. Thus it is a solution, but really only a temporary solution. There are three things here that need to be addressed. First you need to be concerned about the spreading of viruses at the hands of the ignorant. Second you need to realize that there are the few who will try to bypass your security reasons for one reason or another and will inadvertently spread a virus. Third, there is a possibility that someone will try to *place* a virus in a machine. Dealing with the first concern should be your immediate goal. There are a variety of ways of doing this, including TSR's which scan memory or will bar attempts to change executable files on the hard disk. In addition, if you have WordPerfect on the hard disk, for example, you can have a shell which invokes it via a batch file which will first check the student's disk for viruses before WordPerfect is loaded. The draw- back about this is they may not have a disk, or they may not want to use that particular drive (if the machine has both 5.25 and 3.5 inch drives), or they may have more than one disk that needs to be checked. Another thing you should do is to hide and write protect appropriate files on the hard drive (you probably have already done this). This will not work against a number of viruses, so a TSR is probably the best way to go. As far as somebody getting around your protection schemes...anybody with a fair knowledge of DOS will be able to do it. If you have a shell that keeps people from messing around with the hard disk, all a person has to do is to do a warm boot and hit control-break as the system is coming up and this will abort any batch file you have created to install protective shells, virus-scanning TSR's, etc. (I do this all the time at my university and it allows me to do whatever I want to the system even though they are very careful about keeping hackers from using their own software). Remember, when booting up, a computer will always check drive A: for a system disk, so anybody with a DOS disk will be able to bypass any security measures (unless of course you can change the ROM/BIOS). The most practical way of dealing with viruses then is to try to keep them from being spread by ignorant users. A simple shell with limited DOS commands and a virus-scanning TSR should do the trick, but I doubt if it would be practical to try to keep the students from *using* the A: or B: drives. S. "Stevie" Smith \ + / ,,@ ircc.ohio-state. \ + / {7%*@,..":27g)-=,#*:.#,/6&1*.4-,l@#9:-) " edu> \ + / BTW, WYSInaWYG \ + / --witty.saying.ARC