home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Magnum One
/
Magnum One (Mid-American Digital) (Disc Manufacturing).iso
/
d15
/
fsp_151.arc
/
UPDATES.TXT
< prev
Wrap
Text File
|
1991-04-28
|
7KB
|
142 lines
Version 1.1 of FLU_SHOT+ has a few enhancements:
1. If you use the '-B' switch when you first run FLU_SHOT+,
the machines BIOS will be used instead of direct screen
writes. Useful for machines which are less than IBM-PC
compatible. Or those people still running CGA's who don't
like snow. It's a little slow. For the CGA users: you
ever think of how nice it would be to see an unblurred
screen? EGA's aren;t that expensive anymore....
2. I neglected to remove some comments, and there was a hole
in FLU_SHOT+ V1.0 that a worm could have exploited. The
hole has been patched securely....
3. An additional option in the FLUSHOT.DAT file:
X=<ambigious_filename>
allows a matching program to "turn off" the triggering of
FLU_SHOT+ for the entire duration of its run. This could
leave a security hole if you're not careful....so be careful!
Do not use an ambigious directory: running a trojan from there
would not trigger FLU_SHOT+. I use it for programs like
FORMAT, Norton Utilities and that kind of stuff. I'm very
careful when using it, though. And you should be, too!
4. The in-memory protection table is now checksummed so that
worms can't change the files you're attempting to protect.
--
Version 1.2 of FLU_SHOT+ has a few enhancements:
1. A new option, '-I<num>' has been added. This allows you to
determine the frequency, in 1/18 seconds, of how often the CMOS
Check (if enabled) and the Protection Table Check are going to
run. The lower the number, the higher your protection, but
the more impact it will have on system operations: they'll
be a little slower. The default is set to one second.
2. Some complaints from those having FSP in their AUTOEXEC.BAT and
having a line of the the form R=\AUTOEXEC.BAT. FSP was protecting
the AUTOEXEC.BAT file (an intended option), but the boot sequence
was causing people to have to hit a 'G' to continue with their
boot. I've installed a '-S<num>', where <num> represents how many
1/18 seconds to sleep before activating the R= option.
The default is set to 10 seconds. It will also immediately
expire on the first key hit.
3. Because CMOS and Prot Table checks are done via the timer tick
in Version 1.2, there is no need for the counter to be associated
with the CMOS flag any longer. As such, '-C' is the full option
to turn on CMOS checking.
--
Version 1.4 of FLU_SHOT+ has a few enhancements:
1. I've skipped Version 1.3 - something about the number having
bad luck and all.
2. A major bug, due to programmer stupidity, has been fixed. Alas,
this bug actually could cause some damage to your disk.
3. The X= switch works better now - it was ignored on Direct Disk
Writes
4. Some of the error messages have been made a bit clearer.
5. Complaints from some of the users have caused me to increase the
size of the checksum buffer internal to FLU_SHOT+. This has the
sad result of increasing the TSR size of the program itself -- but
I consider it a reasonable increase for speeding up the checksumming
of files.
6. If a file to be checksummed could not be found at startup time,
the previous files checksum was displayed -- this has been fixed.
7. Certain holes in FLU_SHOT's security system have been patched.
8. The size of the FLUSHOT.DAT buffer has also been increased to allow
users to specify more files to be checksummed and/or protected.
Version 1.5, released on 1/15/89, has some enhancements and a
bug-fix or two:
1. IOCTL's are now checked pretty carefully. Earlier versions
had a minor hole.
2. A new option, '-W' will keep FLU_SHOT+ from triggering on an
open of a file which allows for write access. Many lazy
programmers (and I qualify as one, sometimes!) may open a
file for write access, even though no write is intended.
DOS's COPY command, for example, will cause a trigger on the
open access to the source file.
3. FLU_SHOT+ will now trigger when a write is attempted to a
file through the "handle" method. You'll get more triggers
than with the original "Open with Write Access" you got,
but it's better and more precise protection.
4. If you end a line in your FLUSHOT.DAT file with an '!', then
the files which match this are considered "restricted". When
access to these files causes a FLU_SHOT trigger, no options
are displayed: the user is advised they are attempting to
access a restricted file and to press any key. The
operation will always fail.
5. However, restricted access isn;t much use if three hits of
the ALT key can disable FLU_SHOT. So, a new option '--' has
been added to disable disabling (yeah, I know it sounds
weird!). If you use a '!' in your FLUSHOT.DAT file to
restrict access to users *local* to your system, then you
should use the '--' option in your FSP invocation call.
6. CMOS protection caused a lot of problems: about three out
of every four support calls were because of CMOS problems:
and nine out of ten of those calls were due to people
attempting to check CMOS on their XT. XT's don't have
CMOS!! Since the protection offered wasn't that big a deal
anyway, it's been pulled entirely. As has the '-I' switch.
The in-memory table is now checked before every DOS
operation.
7. A bug in 1.4 would allow the Lehigh virus through under
certain circumstances. This has been fixed.
8. The price of FLU_SHOT+ remains the same, at $10. However,
the cost of FGLU_SHOT went up. Huh? Well, we now charge
an additional $4 handling/shipping/processing charge on
each order. Sorry: I never expected to make a fortune
off of FLU_SHOT+, but I have to at least break-even.
9. A bug in the code would allow certain files to slip through
unprotected. It's been fixed.
10. Using the '-A' switch allows you to define what attributes
you want to use for the trigger window.
11. Using the '-K' switch allows you to define which "special"
keys will be used instead of the Alt and Ctrl keys.
12. A serious bug in the "use BIOS" routine which could cause a disk
to be trashed has been fixed.
Version 1.51 (02/01/89):
1. The in memory checksum routine was running too frequently, causing
certain DOS operations to crawl to a snail's pace. It's been
altered.
2. FSP will now indicate what "agent" or program it believes is causing
the problem. This is not *always* reliable, but it should tell you
the right name of the program attempting a prohibited access
about 99% of the time.
Ross, 02/01/89