Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!olivea!uunet!mcsun!ukc!yorkohm!nigelm
From: nigelm@ohm.york.ac.uk (Nigel Metheringham)
Newsgroups: comp.sys.next
Subject: Re: Can a NeXT catch a *virus* or cold or..?
Message-ID: <1991Jun20.165657.1304@ohm.york.ac.uk>
Date: 20 Jun 91 16:56:57 GMT
References: <618@tansei1.tansei.cc.u-tokyo.ac.jp>
Organization: Electronics Department, University of York, UK
Lines: 60

In <618@tansei1.tansei.cc.u-tokyo.ac.jp> yoshida@tansei.cc.u-tokyo.ac.jp (Yoshida) writes:
>It occurred to me that I've never seen any discussion about
>*viruses* in this group...? Is the NeXT "virus-proof" or
>something? -I couldn't find any mention in the documentation
>in Librarian...?

There is a small mention in the back of the paper Network & System
Administration Manual.

Basically there aren't any real viruses in the Unix world at present
(yes, I know about the various test viruses which have proved that a
fairly simple virus can infect all users' areas on a machine quite
easily, although spreading to another machine is more difficult).

The NeXT, I'm afraid, is a prime candidate for the first widespread
Unix (or Mach to be picky) virus. My reasons for saying this are:-

1. Most software distribution is done as binaries

2. I think many people have not read the security related stuff in
   the manuals, and still fewer have implemented them, or used things
   like COPS, so several people have machines that are wide open.

3. I bet that a virus would spread round a teaching lab like (insert
   your favourite euphemism) - many people ask what this new program
   is, and then run a copy without any checks as to the source etc...

4. It's a hobbyist, or student machine (I'm not being denigrating,
   it's just that most of us can't afford a Sun, but we can afford
   a NeXT).

Unix systems have been hit by worms and all sorts of other security
nasties, and the NeXT is unlikely to be any better in this respect.
I have not checked for the standard set of holes yet, but I will, and
I hope other people will check for known holes, and inform NeXT if
they find any (whether you should also publish them on the Net is a
long-running argument that I am not going to touch).

So to summarise:-

+ If you are attached to any form of network, then read the security
  section of the manual, and implement the suggestions NOW (this
  should be done even for non-networked machines).

+ Watch out for any announcements of NeXT-nasties (I should copyright
  that name - it's a good one).

+ If you run a network, then you need the COPS package - available
  from good archive sites.

+ Be careful about what you run.

+ Remember, all the Unix nasties can probably catch you out too (have
  a look at the current thread in the Unix groups about paths and
  superusers).

+ Don't be paranoid, well not very - they aren't _all_ out to get you!

Nigel.
--
# Nigel Metheringham # (NeXT) EMail: nigelm@ohm.york.ac.uk #
# System Administrator ####### Phone: +44 904 432374 #
# Department of Electronics # Fax: +44 904 432335 #
# University of York, Heslington, York, UK, YO1 5DD #