home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker 2
/
HACKER2.mdf
/
virus
/
virusl2
/
virusl2.84
< prev
next >
Wrap
Text File
|
1995-01-03
|
6KB
|
145 lines
VIRUS-L Digest Saturday, 8 Apr 1989 Volume 2 : Issue 84
Today's Topics:
VIRUS-L Guidelines???
Hard disk write-protection via hardware (PC)
More thoughts on potential nasy Mac Boot Block virus (Mac)
Russian Virus a practical joke (PC)
Cornell RTM Worm Report
---------------------------------------------------------------------------
Date: Fri, 7 Apr 89 14:07:44 EDT
From: Fred Hartmann <mhartma@APG-EMH5.APG.ARMY.MIL>
Subject: VIRUS-L Guidelines???
What, if any, are the VIRUS-L guidelines regarding redistribution of
VIRUS-L email messages to a BBS? Most BBS members appear to be
responsible individuals with a serious desire to learn about
computers. Would it be appropriate to redistribute some or all of the
VIRUS-L email messages to them or would it only increase the chances
of someone using something appearing here to everyone's detriment?
[Ed. No problem with me. Go right ahead.]
------------------------------
Date: Fri, 07 Apr 89 14:55:07 CDT
From: "Rich Winkel UMC Math Department" <MATHRICH@UMCVMB.BITNET>
Subject: Hard disk write-protection via hardware (PC)
Could some hardware hacker upload instructions on disabling the write
capability of an XT or AT style hard disk? I believe it just involves
1 or 2 lines on the cable between the disk and controller.
Thanks,
Rich Winkel
[Ed. The problem with that is that the entire hard disk would be
read-only (which could be useful for some applications). It would be
particularly useful IMHO to be able to set certain subdirectory trees
(e.g. \BIN) read-only, with hardware support.]
------------------------------
Date: Fri, 7 Apr 89 22:49:25 EDT
From: joes@scarecrow.csee.lehigh.edu (Joe Sieczkowski)
Subject: More thoughts on potential nasy Mac Boot Block virus (Mac)
>On a related subject, suppose I went to the U.S. Copyright office, and
>copyrighted the idea for the Sad Mac virus. Does this mean that if
>someone actually went and implemented it, they are prosecutable not
>only under the Computer Infiltration Act (or whatever it is called),
>but the Copyright Act? Have I come up with a concept that can be
>copyrighted?
>David M. Gursky
What an interesting idea...Copyright a virus and give NO one
permission to use it. At least make the royalty high enough that no
one would want to violate it.
Unfortunately, there is a little draw-back here. Ideas cannot be
copyrighted but the implementation of ideas can. So you couldn't
copyright the idea of having boot-strap viruses, but you probably
could copyright a boot-strap virus that uses a particular method to
enter the system. There might be many (possibly infinite)
permutations on one system, however another might have only a few.
Of course, we have to address the question of whether or not we want
people copyrighting viruses. This has pros and cons. On the one
hand, if many system people copyrighted viruses thereby exposing
security holes, better systems will be developed using this knowledge.
On the other hand, if every Tom, Dick, and Harry start developing
viruses to be copyrighted, a few might get loose (either intentionally
or otherwise) and cause havoc.
Hmmmmm....
Joe
[Ed. The Brain virus boot block contains a copyright notice.]
------------------------------
Date: Fri, 7 Apr 89 22:59:17 EDT
From: joes@scarecrow.csee.lehigh.edu (Joe Sieczkowski)
Subject: Russian Virus a practical joke (PC)
The russian virus isn't a virus at all, it seems to be a joke. After
receiving a copy of comand.com that was supposedly infected with the
russian virus, , I diff'ed it with a "clean" copy. The following
output appeared:
***** command.com
$ device
$Abort$, Retry$, Ignore$, Fail$? $
File allocation table bad,$
Invalid COMMAND.COM
$Insert disk with $ in drive
***** russian.bin
$ device
$You have just activated a Russian Virus...Thank You! .........
$Invalid COMMAND.COM
$Insert disk with $ in drive
*****
As you can see, it appears that all the author did was change the
"abort, retry, ignore" line with the russian virus message.
Of couse, never let anything like this fool you, the virus could
be in another program and just change this line in command.com.
Joe
------------------------------
Date: Sat, 8 Apr 89 14:16:23 EDT
From: A. M. Boardman <ab4@cunixb.cc.columbia.edu>
Subject: Cornell RTM Worm Report
>Just read in the April 3 _Unix Today_ that Cornell is releasing a report
>today on the Internet Worm. Does anyone know where I can get a copy?
A general report was released from the Purdue Provost's office
recently, although for a technical report you should look at "The
Internet Worm Program: An Analysis",(Gene Spafford) Purdue Technical
report CSD-TSR-823, which can be FTP'd from arthur.cs.cpurdue.edu.
Other good references are Donn Seeley's paper and "With Microscope and
Tweezers; an Analysis of the Internet Worm of November 1988" from
someone of other at MIT. Last time I checked, all three of these were
available for anonymous ftp from athena.ai.mit.edu.
Andrew Boardman, student at large, Columbia University
ab4@cunixc.bitnet, ab4@cunixc.columbia.edu, rutgers/uunet!columbia!cunixc!ab4
[Ed. The above reports are also available for anonymous FTP from
lll-winken.llnl.gov]
------------------------------
End of VIRUS-L Digest
*********************
Downloaded From P-80 International Information Systems 304-744-2253