Xref: utzoo news.sysadmin:1629 comp.unix.wizards:12699
Path: utzoo!utgpu!watmath!clyde!att!ihlpf!dwm
From: dwm@ihlpf.ATT.COM (Meeks)
Newsgroups: news.sysadmin,comp.unix.wizards
Subject: Re: How to stop future viruses.
Summary: viruses, backups, security
Message-ID: <6680@ihlpf.ATT.COM>
Date: 17 Nov 88 16:06:25 GMT
References: <16722@agate.BERKELEY.EDU> <2178@cuuxb.ATT.COM> <2182@cuuxb.ATT.COM>
Organization: AT&T Bell Laboratories - Naperville, Illinois
Lines: 30


You can't stop people from coming up with ways to break into your
information system. Not as long as more than one person has access.

Two things I would suggest are:

A VERY GOOD BACKUP SYSTEM, saving fulls for what may seem a
	very long time, like forever. Doing lot's of different level
	incrementals and then maybe a few project specific snapshots.

	Take pictures of your  /, /usr, and /tmp. These pictures will
	include time stamps, ownership, size and checksum.

Okay, how does this help? You can with the picture information monitor
what is going on in important areas of your system and look for problems.
When recovering, the several levels of incremental and project snapshots
will come in handy if the virus is a particular nasty one.

I would suggest you automate the picture taking and save your database in
a safe place, remember it too could come under attack.

Making a system secure at the risk of making it difficult to share information
is poor use of time. It only costs those who use the system as a tool to get
real work done. Security is all our responsibility and not to be taken
lightly. Each of us need to use good passwords, terminal lock programs, and
not put passwords on post-its which we then place on our terminals.


Daniel W. Meeks, ...[att!]ihlpf!dwm, dwm@ihlpf.att.com
--> These are my thoughts and not necessarily shared by my employer. <--