Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: schriste@uceng.UC.EDU (Steven V. Christensen)
Newsgroups: comp.virus
Subject: Re: How safe are FTP sites from viruses?
Message-ID: <0005.9011152102.AA24913@ubu.cert.sei.cmu.edu>
Date: 15 Nov 90 20:57:41 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 35
Approved: krvw@sei.cmu.edu

mitchell@thesis1.hsch.utexas.edu (Philip Mitchel) writes:

>...A user at our site
>just retrieved some text files from the anonymous ftp server at
>apple.com and found that her floppies began to be corrupted.

>[Ed. The only way (that I know of) to get infected by a virus via an
>anonymous FTP site would be to download an infected executable file
>and then execute it; I don't believe that this could have happened by
>merely downloading a text file.

I totally agree. But the executable file you download doesn't have to be
infected at the FTP source to get you. Let me explain: I downloaded a Self-
Extracting Archive (something I loathe to do) from wuarchive directly to
a clean floppy on a PC at school. But what I didn't know was that the
PC was infected. When I brought the program home to my PC, all ^%#* broke
loose. I too thought that wuarchive had an infected file. But I checked things
out, and old Typhoid Mary PC at school was the culprit.

The moral? Always work in archive files (quite hard/impossible to infect
if the files are orifinally clean) and check, check, check everything
when you get it out of the archive.


		Steven

>[Ed cont.] It is always a good idea (in my opinion) to use a virus
>scanning product on any new software, shrinkwrap or public/shareware.]

Amen!
- --
Steven V. Christensen
U.C. College of Eng.
schriste@uceng.uc.edu
For the adventurous: svc@elf0.uucp