Path: utzoo!attcan!uunet!lll-winken!ames!elroy!orion.cf.uci.edu!oberon!nunki.usc.edu!sal55.usc.edu!raulmill
From: raulmill@sal55.usc.edu (Raul Miller)
Newsgroups: comp.sys.amiga.tech
Subject: Re: IRQ virus (and a personal note to Steve)
Summary: brute force virus protection
Keywords: virus, ramdisk
Message-ID: <2330@nunki.usc.edu>
Date: 12 Jan 89 20:47:59 GMT
Expires: 28 Feb 89 08:00:00 GMT
References: <5601@cbmvax.UUCP> <5602@cbmvax.UUCP> <10788@s.ms.uky.edu> <10795@s.ms.uky.edu> <3205@sugar.uu.net>
Sender: news@nunki.usc.edu
Reply-To: raulmill@nunki.usc.edu (Raul Miller)
Followup-To: comp.sys.amiga
Distribution: na
Organization: University of Southern California, Los Angeles, CA
Lines: 22

You know, there is a simple way of defeating most of the current
generation of virus-type-programs: never do a warm boot from disk.

In other words, do your warm boots from ram disk.  This is
analogous to write protecting your boot disks, and to avoiding
use of root privilege under unix (both are also good ideas).

Aside from that, I think it a very good idea to have the option
of seeing and aborting write permission on a file by file
and process by process basis...  Any security measures can be
bypassed, but the more I can look at what my machine is doing,
the better I feel about it.

Raul Miller                           |
USENET:     raulmill@oberon.usc.edu   |
U.S.SNAIL:  980 Arapahoe              |  55 mph = 82 nc
            LOS ANGELES CA  90006     |

Raul Miller                           |
USENET:     raulmill@oberon.usc.edu   |
U.S.SNAIL:  980 Arapahoe              |  (this space for rent)
            LOS ANGELES CA  90006     |