Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: p1@arkham.wimsey.bc.ca (Rob Slade)
Newsgroups: comp.virus
Subject: Infected networks (PC)
Message-ID: <0009.9106171414.AA16331@ubu.cert.sei.cmu.edu>
Date: 14 Jun 91 20:12:04 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 21
Approved: krvw@sei.cmu.edu

padgett%tccslr.dnet@mmc.com (A. Padgett Peterson) writes:

> In this case I had such a self-check program (1400 bytes) that just
> checks its own length & checksum. If it passes, the program exits, if
> it fails, the client machine displays a warning message and is locked
> up. In this manner, the server application files are protected from
> infection (are never called by an infected client). Each client gets a
> new copy of the "goat" file so clean clients are not affected, and
> infected clients are identified.

I have been reviewing a product from Bangkok called Victor Charlie
that takes a similar approach.  An intriguing concept.

I hope to be able to release the review shortly.

=============
Vancouver          p1@arkham.wimsey.bc.ca   | "If you do buy a
Institute for      Robert_Slade@mtsg.sfu.ca |  computer, don't
Research into      (SUZY) INtegrity         |  turn it on."
User               Canada V7K 2G6           | Richards' 2nd Law
Security                                    | of Data Security