home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Libris Britannia 4
/
science library(b).zip
/
science library(b)
/
INFO
/
PCCDEMO.ZIP
/
COMP1.EXE
/
LNAVIRUS.PRS
< prev
next >
Wrap
Text File
|
1993-12-20
|
10KB
|
177 lines
Çìôê-òêæöÆ ïÇì Æäéöæêôÿ ╧╧╬╠╬╠╬╠╬╠╬╠╡
│ As a Banyan Vines Network
│ Administrator, I am terrified by
. . │ the thought of a computer virus
┌─┐┌─┐├ ┬ ┌ ┐┬┌─┐┌ ┌┌─┐ │ being introduced to my network.
┌─┤│ ││ │ │┌┘││ │ │└─┐ │ We have experienced sufficient
└─┘└ └└─┘┴ └┘ ┴┴ └─┘└─┘ │ amounts of data loss through
▄ │ equipment failure, program
█ ▄▄▄ ▄▄▄ │ crashes and user error. The mere
█ ▄▄█ █ █ │ thought of a viral attack and the
█ █▄█ █ █ │ potential for damage is
█▄▄▄▄▄▄ │ staggering.
. │
┌─┐┌─┐┌─┐┌ ┌┌─┐┬├ ┌ ┌ │ In an effort to accommodate
└─┐├─┘│ │ ││ ││ │ │ │ the level of training (or lack
└─┘└─┘└─┘└─┘┴ ┴└─┘└─┤ │ thereof) of the many persons with
│ │ varied backgrounds and levels of
Θεφ σ±ΣΦ⌡αδπ └─┘ │ computer literacy who use my
1st Marine Corps District │ network, and yet make the LAN
│ resistant against viral attack, I
│ wrote a suite of utility programs
that work in conjunction with the │ user. I can usually point out at
Marine Corps standard McAfee │ least one of the following four
ViruScan software. These │ items on any given system:
utilities, along with McAfee's │
software, provide a multi-layered │ 1. If the scan is not
approach to anti-virus security │ configured to occur
for the PC systems and the LAN. │ automatically, it will not occur.
│ "I forgot" has been heard more
δα√Σ± εφΣ, ∞ΓασΣΣ'≥ ⌡Φ±⌠≥Γαφ. │ than once when disinfecting a
│ system. So has "scan software!?,
McAfee Associates ViruScan │ what's that?"
provides the first layer of │
security. │ 2. The user is not familiar
Used properly, it will assure │ enough with his hardware to
that no known viruses are on the │ properly execute ViruScan. This
user's system. Current Marine │ is especially true if the
Corps regulations require that │ user has more than one hard disk
every system be scanned with │ or partition. haring hardware
ViruScan a minimum of once per │ exacerbates this situation.
week. The only drawback is the │
3. The user usually does not │ 4. The user has become annoyed
watch while ViruScan is │ at this "intrusion" into the
running. During an average day, │ operation of "their" PC and has
observation shows 8 out of 10 │ decided to ignore regulations
users switch on their computers │ and removed the anti-virus
and then leave their desks │ software.
while the systems boot. Of the │
two that stay at their desks, │ One answer to this is user
one may in fact watch the screen, │ training, however, this does not
but usually in a highly │ answer the problem of shared
casual manner while waiting for a │ equipment, personnel turnover and
login screen or menu to │ limited resources. The answer at
appear. If by chance a virus was │ 1st Marine Corps District has
detected by ViruScan, the │ been implemented in software as
user would never know and happily │ layer two of the anti-virus
continue to use the system │ security.
(spreading the virus), knowing │
that his system has been │ δα√Σ± ≤÷ε, ⌡Φ±⌠≥ΓτΣΓΩ.
scanned. │
│ VirusCheck is a security
shell, or watchdog type of │ arbitrary number of days) and can
program designed to be used with │ (optionally) display a warning or
McAfee's ViruScan. It directly │ login screen at the completion of
addresses the issues above. │ the scan process as well as chain
│ to an additional external
In a nutshell, VirusCheck │ program. It also allows user
interrogates the user's system to │ definable parameters to be passed
determine it's configuration, │ to ViruScan.
executes ViruScan properly to │
scan the entire system, and halts │ The main problem with
system operation if a virus is │ VirusCheck is the user. ôτΣ
detected by ViruScan. It also │ ≥ε∞Σ÷τα≤ Ωφε÷δΣπµΣαßδΣ ⌠≥Σ± Γαφ
prevents bypassing the scanning │ Σα≥Φδ√ ΣπΦ≤ τΦ≥ α⌠≤εΣ≈ΣΓ.ßα≤ σΦδΣ
process (with Ctrl-C or Ctrl- │ αφπ ∩±Σ⌡Σφ≤ òΦ±⌠≥éτΣΓΩ σ±ε∞
Break) if it is the first scan on │ ±⌠φφΦφµ. This problem is
any given day. │ prevented by layer three of the
│ anti-virus security, the
The program is configurable │ Enforcer.
for daily, weekly or every "x" │
day scanning ("x" being an │ δα√Σ± ≤τ±ΣΣ, ≤τΣ Σφσε±ΓΣ±.
│ that is required), and the
The Enforcer is designed to be │ ability to edit their own profile
loaded to a shared file service │ can be restricted by the system
(although a special version for │ administrator.
dial-up users is designed to be │ The operation of Enforcer is
run via the local hard disk) and │ as follows:
added to the user's profile as a │
postlogin command (I am using │ Banyan VINES specific version:
Banyan parlance here, Novell │
users translate "profile" to read │ The existence of ViruScan and
"login script"). Enforcer is │ VirusCheck is checked.
configurable to allow every "x" │
day scanning, weekly scanning, or │ If they do not exist, the user is
to force daily scanning, │ logged out and informed that they
regardless of how the user's │ are required for access to the
individual system is configured. │ network.
│
Being loaded to a server, │ The last date that VirusCheck
user's cannot erase it (Access │ executed ViruScan is checked.
Rights of Read/Execute are all │ If this date is too old, the user
is logged out, informed that it │ (equivalent to pressing the reset
has been too long since │ button), thus breaking the
VirusCheck ran and VirusCheck is │ network connection.
executed. If VirusCheck runs │
successfully, the user is │ The last date that VirusCheck
returned to the login screen. If │ executed ViruScan is checked.
VirusCheck does not run │
successfully, the user is denied │ If this date is too old, the user
access to the network. │ is informed of that fact. At the
│ next keypress, the system is
Generic version: │ subjected to a hard boot.
│
The existence of ViruScan and │ If sufficient feedback is
VirusCheck is checked. │ generated, versions that perform
│ in the manner of the Banyan
If they do not exist, the user is │ specific version may be developed
informed that they are required │ for Novell, 3Com or other DOS
for access to the network. At │ based LANs.
the next keypress, the system is │
subjected to a hard boot │ Synopsis.
│ also maintains a UseNet site/BBS
This multi-layered approach to │ on his home system.
anti-virus security has NOT │
eliminated the chances that our │ VirusCheck (including the
systems or LAN will fall victim │ Enforcer utilities) are released
to a viral attack. I still stay │ for public distribution under the
alert for suspicious symptoms, │ Shareware concept.
and constantly listen for news of │
new viruses or new outbreaks of │ For more information, or to
old ones. I do, however, sleep │ obtain a copy of these programs,
well, knowing that, as "open" │ write to:
systems go, my network is highly │
virus resistant. │ Jon Freivald
│ 269 Mitchel Avenue
About the author. │ East Meadow, NY 11554
│
GySgt Jon Freivald is the LAN │ or (for military & other
administrator of a 175 user, 3 │ government organizations):
server Banyan Vines network at │
1st Marine Corps District. Jon │ Commanding Officer
Headquarters, 1st Marine Corps │ format. (Please specify if
District │ you also need a copy of
605 Stewart Avenue │ ViruScan.)
Garden City, NY 11530 │
ATTN: GySgt Freivald (ISMO) │
│ CompuServe You will find
Please send a stamped, self- │ VirusCheck as well as
addressed diskette mailer and the │ ViruScan in the McAfee sponsored
appropriate format diskette. │ Virus forum (go virforum).
│ VirusCheck is posted as vck3.zip ñ
Copies can also be obtained via │
the following communications │
networks: │
│
MCDN/ELMS Marine Corps Data │
Network users with an ELMS │
account or Banyan Mail via an SNA │
Gateway can send E-Mail to │
BK1MD4:GISNAD05. Files will be │
sent via return E-mail in binary │
