Hacker 2

home *** CD-ROM | disk | FTP | other *** search

/ Hacker 2 / HACKER2.mdf / virus / virusl2 / virusl2.84 < prev next >

Wrap

Text File | 1995-01-03 | 6KB | 145 lines

VIRUS-L Digest Saturday, 8 Apr 1989 Volume 2 : Issue 84 Today's Topics: VIRUS-L Guidelines??? Hard disk write-protection via hardware (PC) More thoughts on potential nasy Mac Boot Block virus (Mac) Russian Virus a practical joke (PC) Cornell RTM Worm Report --------------------------------------------------------------------------- Date: Fri, 7 Apr 89 14:07:44 EDT From: Fred Hartmann <mhartma@APG-EMH5.APG.ARMY.MIL> Subject: VIRUS-L Guidelines??? What, if any, are the VIRUS-L guidelines regarding redistribution of VIRUS-L email messages to a BBS? Most BBS members appear to be responsible individuals with a serious desire to learn about computers. Would it be appropriate to redistribute some or all of the VIRUS-L email messages to them or would it only increase the chances of someone using something appearing here to everyone's detriment? [Ed. No problem with me. Go right ahead.] ------------------------------ Date: Fri, 07 Apr 89 14:55:07 CDT From: "Rich Winkel UMC Math Department" <MATHRICH@UMCVMB.BITNET> Subject: Hard disk write-protection via hardware (PC) Could some hardware hacker upload instructions on disabling the write capability of an XT or AT style hard disk? I believe it just involves 1 or 2 lines on the cable between the disk and controller. Thanks, Rich Winkel [Ed. The problem with that is that the entire hard disk would be read-only (which could be useful for some applications). It would be particularly useful IMHO to be able to set certain subdirectory trees (e.g. \BIN) read-only, with hardware support.] ------------------------------ Date: Fri, 7 Apr 89 22:49:25 EDT From: joes@scarecrow.csee.lehigh.edu (Joe Sieczkowski) Subject: More thoughts on potential nasy Mac Boot Block virus (Mac) >On a related subject, suppose I went to the U.S. Copyright office, and >copyrighted the idea for the Sad Mac virus. Does this mean that if >someone actually went and implemented it, they are prosecutable not >only under the Computer Infiltration Act (or whatever it is called), >but the Copyright Act? Have I come up with a concept that can be >copyrighted? >David M. Gursky What an interesting idea...Copyright a virus and give NO one permission to use it. At least make the royalty high enough that no one would want to violate it. Unfortunately, there is a little draw-back here. Ideas cannot be copyrighted but the implementation of ideas can. So you couldn't copyright the idea of having boot-strap viruses, but you probably could copyright a boot-strap virus that uses a particular method to enter the system. There might be many (possibly infinite) permutations on one system, however another might have only a few. Of course, we have to address the question of whether or not we want people copyrighting viruses. This has pros and cons. On the one hand, if many system people copyrighted viruses thereby exposing security holes, better systems will be developed using this knowledge. On the other hand, if every Tom, Dick, and Harry start developing viruses to be copyrighted, a few might get loose (either intentionally or otherwise) and cause havoc. Hmmmmm.... Joe [Ed. The Brain virus boot block contains a copyright notice.] ------------------------------ Date: Fri, 7 Apr 89 22:59:17 EDT From: joes@scarecrow.csee.lehigh.edu (Joe Sieczkowski) Subject: Russian Virus a practical joke (PC) The russian virus isn't a virus at all, it seems to be a joke. After receiving a copy of comand.com that was supposedly infected with the russian virus, , I diff'ed it with a "clean" copy. The following output appeared: ***** command.com $ device $Abort$, Retry$, Ignore$, Fail$? $ File allocation table bad,$ Invalid COMMAND.COM $Insert disk with $ in drive ***** russian.bin $ device $You have just activated a Russian Virus...Thank You! ......... $Invalid COMMAND.COM $Insert disk with $ in drive ***** As you can see, it appears that all the author did was change the "abort, retry, ignore" line with the russian virus message. Of couse, never let anything like this fool you, the virus could be in another program and just change this line in command.com. Joe ------------------------------ Date: Sat, 8 Apr 89 14:16:23 EDT From: A. M. Boardman <ab4@cunixb.cc.columbia.edu> Subject: Cornell RTM Worm Report >Just read in the April 3 _Unix Today_ that Cornell is releasing a report >today on the Internet Worm. Does anyone know where I can get a copy? A general report was released from the Purdue Provost's office recently, although for a technical report you should look at "The Internet Worm Program: An Analysis",(Gene Spafford) Purdue Technical report CSD-TSR-823, which can be FTP'd from arthur.cs.cpurdue.edu. Other good references are Donn Seeley's paper and "With Microscope and Tweezers; an Analysis of the Internet Worm of November 1988" from someone of other at MIT. Last time I checked, all three of these were available for anonymous ftp from athena.ai.mit.edu. Andrew Boardman, student at large, Columbia University ab4@cunixc.bitnet, ab4@cunixc.columbia.edu, rutgers/uunet!columbia!cunixc!ab4 [Ed. The above reports are also available for anonymous FTP from lll-winken.llnl.gov] ------------------------------ End of VIRUS-L Digest ********************* Downloaded From P-80 International Information Systems 304-744-2253