Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!asuvax!ukma!widener!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: "rivero@dev8.mdcbbs.com"@MDCBBS.COM Newsgroups: comp.virus Subject: Re: Taking out A: & USSR BBS Message-ID: <0011.9104031509.AA05149@ubu.cert.sei.cmu.edu> Date: 2 Apr 91 19:01:00 GMT Sender: Virus Discussion List Lines: 19 Approved: krvw@sei.cmu.edu mrs@netcom.com (Morgan Schweers) writes: > Greetings, > I recently recommended to a network site that they lock their 'A' > drives with a network boot diskette in them. Their 'B' drives should > remain unlocked for data transfer. There are many companies that make > disk drive door-locks, and this is a much 'nicer' solution than > removing the drive entirely. In fact, one could lock the drive doors > WITHOUT a disk in them, thus forcing a boot from the HD, and still > allowing access to the B drive by anyone (and access to the 'A' drive > by the computer-manager). I know a lot of sites ( and will probably use this in my own setup soon) in which one small PC is the lone interface to the outside world. It is a one way gate. There is no way to communicate from the PC to the internal systems, only from the internal systems to the PC. The PC connection to the world is two way. This is a hardwire job, and thus effectivly prevents a virus attack from getting any further than the PC ( which is kinked with all kinds of detection and elimination code).