Path: utzoo!attcan!uunet!bellcore!att!pacbell.com!ucsd!usc!elroy.jpl.nasa.gov!sdd.hp.com!wuarchive!udel!rochester!uhura.cc.rochester.edu!ub!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: S72UZAW@TOE.TOWSON.EDU (Jan C. Zawadzki)
Newsgroups: comp.virus
Subject: *NIX virus... necessary knowledge. (UNIX)
Message-ID: <0013.9012111924.AA23660@ubu.cert.sei.cmu.edu>
Date: 10 Dec 90 22:00:00 GMT
Sender: Virus Discussion List
Lines: 30
Approved: krvw@sei.cmu.edu

Greetings...

For the last couple of weeks I saw a number of inquiries about UNIX-oriented anti-virus utilities. A couple of comments:

Exercise #1. (some knowledge of unix assumed)
Sit down in front of a terminal. Using man pages/manuals write a substitute login program.

Exercise #2. (as above)
Write a substitute crypt() routine. Compare your results to those of the original crypt() - they must be the same!

Exercise #3. (regardless of your knowledge of *nix)
Write a program that is capable of switching from regular to privileged mode and back without the knowledge of the os. (real hardware...)

If you can do number 1, you are good. Better than most.

If you can do number 2, you are excellent - work for the NSA, they'll pay you more than you're getting now.

Fortunately, to write a VIRUS that will function in a UNIX environment, you must be able to accomplish number 3. If you can do number 3, you will not waste your time writing viruses, you will be writing operating systems for AT&T.

There are some very basic precautions that can keep a UNIX system safe as could be. The security is already there - only people must be trained. The biggest security problem in UNIX is the superuser. If that account is handled with care, rest assured - any infection can be fully contained.

On the other hand, the world is full of sick sick people.

- ---
Jan C. Zawadzki
INet: yahn @ midget.towson.edu
BNet: s72uzaw @ towsonvx
=== *I* think... ===