Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!cornell!rochester!udel!mmdf
From: peter%sugar.uu.net@UDEL.EDU
Newsgroups: comp.sys.amiga
Subject: Re: The ultimate fix!!!
Message-ID: <4430@louie.udel.EDU>
Date: 3 Oct 88 22:22:47 GMT
Sender: mmdf@udel.EDU
Lines: 49

Received: from CUNYVM by CUNYVM.BITNET (Mailer X2.00) with BSMTP id 4294; Sat, 01 Oct 88 23:49:42 EDT
Received: from UDEL.EDU by CUNYVM.CUNY.EDU (IBM VM SMTP R1.1) with TCP; Sat, 01 Oct 88 23:49:39 EDT
Received: by Louie.UDEL.EDU id ac02594; 1 Oct 88 21:22 EDT
Received: from Louie.UDEL.EDU by Louie.udel.EDU id ac02310; 1 Oct 88 21:09 EDT
Received: from USENET by Louie.UDEL.EDU id aa02156; 1 Oct 88 20:59 EDT
From: Peter da Silva
Subject: Re: The ultimate fix!!!
Message-ID: <2720@sugar.uu.net>
Date: 1 Oct 88 21:32:22 GMT
Organization: Sugar Land Unix - Houston, TX
To: amiga-relay@UDEL.EDU
Sender: amiga-relay-request@UDEL.EDU

In article <9548@cup.portal.com>, dan-hankins@cup.portal.com writes:
> >A virus is any program that hides in a computer system and replicates itself.

> A computer virus is a piece of code that hides by attaching itself to
> other pieces of code, self-replicates by usurping the function of the
> host code, and may or may not inflict damage to the host systems. It
> may or may not have an incubation period, and a specific host trigger.

I think you need to add "and has the ability to infect other systems it
comes in contact with".

> >Or run a protected operating system like UNIX, where a virus has a *much* harder
> >time of it.

> Not really. Fred Cohen's virus experiment was performed on a protected
> multiuser operating system. The longest it took a virus to attain system
> privileges was half an hour, the shortest five minutes, with an average
> of about fifteen, *even when the users knew a virus was around*.

(1) On a non-protected system it would take *0* time to infect the system.
    I think the best thing to do would be to have the virus hide itself
    in a public bin directory with a name that's a common typo of one
    of the standard commands. Then it prints the usual error message and
    starts seeing what new privileges it has. This will go on until root
    executes it. In a well managed UNIX system, with root privileges only
    used for root commands, this could take quite a while.

(2) It's harder for a virus to infect UNIX, also, because it's unlikely
    that 68020 code from a sun would do much to a Microvax or even a
    68010 machine like a 3b1. A binary standard is a two-edged sword.
-- 
		Peter da Silva  `-_-'  peter@sugar.uu.net
		 Have you hugged  U  your wolf today?
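
An administrator's audit for the scenario in point (1), as an added example that is not part of the original post: it lists executables in a bin directory whose names are one typo away from a standard command and reports whether the directory is writable by non-owners. The `STANDARD` list and the function names are assumptions made for illustration.

```python
import os
import stat

# Assumed reference list of standard command names (not taken from the post).
STANDARD = {"ls", "cat", "more", "grep", "mail", "chmod", "passwd", "su"}

def one_typo_apart(a, b):
    """True if a and b differ by one insert, delete, substitution or adjacent swap."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) == len(b):
        diff = [i for i in range(len(a)) if a[i] != b[i]]
        if len(diff) == 1:                      # single substitution
            return True
        return (len(diff) == 2 and diff[1] == diff[0] + 1
                and a[diff[0]] == b[diff[1]]    # adjacent transposition
                and a[diff[1]] == b[diff[0]])
    short, long_ = (a, b) if len(a) < len(b) else (b, a)
    # single insertion/deletion: dropping one character of the longer name
    return any(long_[:i] + long_[i + 1:] == short for i in range(len(long_)))

def audit_bin_dir(path, standard=STANDARD):
    """Return look-alike executables in `path` and whether others can write to it."""
    dir_mode = os.stat(path).st_mode
    lookalikes = []
    for name in sorted(os.listdir(path)):
        if name in standard:
            continue                            # the genuine command itself
        st = os.lstat(os.path.join(path, name))
        if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
            continue                            # only executable regular files
        near = sorted(cmd for cmd in standard if one_typo_apart(name, cmd))
        if near:
            lookalikes.append((name, near))
    return {
        "lookalikes": lookalikes,
        # group- or world-writable bin directories let any user drop files here
        "dir_writable_by_others": bool(dir_mode & (stat.S_IWGRP | stat.S_IWOTH)),
    }

if __name__ == "__main__":
    for d in os.environ.get("PATH", "").split(os.pathsep):
        if os.path.isdir(d):
            print(d, audit_bin_dir(d))
```

Each hit is a candidate for review rather than proof of tampering, since short command names are often legitimately one character apart.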