home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Share Gallery 1
/
share_gal_1.zip
/
share_gal_1
/
UT
/
UT131.ZIP
/
BEARTRAP.ZIP
/
READ-ME.TXT
< prev
Wrap
Text File
|
1989-10-06
|
8KB
|
204 lines
Bear Trap
---------
Version 1.0
Copyright (c) 1989
by
G&G Computer Services
39 Cathy Circle
Portsmouth, RI 02871
Disclaimer:
-----------
The Bear Trap file (c) program is provided 'as is' without
warranty of any kind, either expressed or implied. The entire risk as
to the quality and performance of the program is with the user and
should the program prove defective, the user and not the authors will
assume the entire cost of all necessary remedies. None of the authors
warrant that the functions contained in the program will meet any users
requirements or that the operation of the program will be error-free or
uninterrupted. G&G, its employees, and associates claim no
responsibility for any damages incurred during use of this product.
"... What enables the wise sovereign and the good general to strike
and conquer, and achieve things beyond the reach of ordinary men, is
foreknowledge ..."
Sun Tzu
The Art of War
Introduction:
-------------
Bear Trap (c) is designed to present the user with foreknowledge as to
the existence of a viral attack.
Bear Trap's main goal is to detect a virus during the initial
infection phase, before the virus goes full term and starts attacking the
system. It does this by creating dummy .com files (bear traps) and checking
them for signs of infection (if they have been tripped or not). Bear Trap
also has several security measures to prevent viruses from detecting the
actual traps.
System Requirements:
--------------------
Bear Trap will run on all 100% IBM compatible computers.
Minimum system requirements:at least 128 KB Memory and 1 floppy
drive but is designed for use on hard disk systems.
Files
-----
The following files listed below should have been included in the
ZIP file:
READ-ME.TXT - This File.
BEARTRAP.EXE - The executable file.
ORDFRM - The registration form for this product.
Preparing Bear Trap for use :
-----------------------------
Add the directory name of which Bear Trap is stored into the DOS
PATH command (see your DOS manual for more information on the PATH command).
Using Bear Trap :
-----------------
Usage : BEARTRAP <Full path name of the trap file> <Password1> <Password2>
Full path name of trap the file :
---------------------------------
This is the name of a dummy file (a file that at this time does not
exist on the system) and will be used to signal that a virus has
attempted to infect the system. Also include the full path of the
file (i.e.. C:\DOS\TRAP (This particular name is not suggested). DO
NOT include a file extension, for Bear Trap uses the extension .com
(a viruses favorite food). If by mistake you do add an extension
Bear Trap will remove it and use .com in its place. Also DO NOT use
the names of existing files nor try to run these dummy files once
created (they exist only to fool the virus into trying to infect
them so that Bear Trap will know of the viruses existence). When
using multiple trap files refrain from using the same name in
different directories or names that idenitify what they are (i.e..
TRAP1.com, ANTVIRUS.com, etc.).
Password1 :
-----------
This is a word of 4 or more letters used by Bear Trap for its
internal processing. Also use this word every time the trap file
is checked for infection else Bear Trap will falsely report an
infection. Password1 and Password2 are used so that the virus can
not look for a known signature in the dummy file, that will allow
it to identify the file as a trap.
Password2 :
-----------
This is a word of 4 or more letters used by Bear Trap for
its internal processing. It must not be the same word as
Password1 or have the same number of letters. Also use this
word every time the trap file is checked for infection else
Bear Trap will falsely report an infection.
When Bear Trap is first run it will create a trap file then each
successive time it is run (with the same parameters) it will check that
file for infection. If an infection is detected Bear Trap will notify
the user with a message that the particular trap has been tripped and
it will specify which dir/subdir it was found in by the .com name. It
is recommended that multiple traps be set in different directories.
To facilitate easier checking of multiple traps, place the Bear
Trap commands in the autoexec file so that at boot-up it will check if
any of the traps have been tripped. Bear Trap also returns an errorlevel
of 10 if a trap has been tripped (see 'IF ERRORLEVEL (x)' in your
DOS manual for more information) so that the user can create special
code to handle this condition.
Example Autoexec.bat file:
--------------------------
PATH=C:\DOS /* BEARTRAP.EXE is located here */
BEARTRAP C:\ROOT\C_ROOT COMPUTER PRINTER
IF ERRORLEVEL 10 GOTO VIRUS_FOUND
BEARTRAP C:\DOS\C_DOS MODEM CABLES
IF ERRORLEVEL 10 GOTO VIRUS_FOUND
BEARTRAP C:\PCTOOLS\C_PCTLS HARD_DRIVE SOFT_HEARTS
IF ERRORLEVEL 10 GOTO VIRUS_FOUND
GOTO END
:VIRUS_FOUND
ECHO There is a virus loose in this system.
:END
If Bear Trap should report an infection :
-----------------------------------------
The best recourse, if you believe there is an infection, is to erase all
program files and reload them from the original/initial backup disks. Using
your original DOS system disks replace the operating system (see the SYS
command in your DOS manual) and copy the COMMAND.COM file from it also.
Also be sure to determine which file is the initial carrier and be sure
not to reload it into the system.
It should be noted at this time that Bear Trap is designed to trap
viruses only. It is ineffective against nonpropagating programs (i.e..
Trojan horses, worms, etc.).
Miscellaneous:
--------------
This product is shareware and may be distributed freely. If you find
it of use after a reasonable test period, please send $35.00 (US funds)
per copy to:
G&G Computer Services
39 Cathy Circle
Portsmouth, RI 02871
When you register your copy, you will be placed on the update list and
receive a copy of Bear trap. Once on the list, you will be notified of
updates to this product and the release of new products from our
company.
For any questions, problems, or suggestions call by modem:
- Ups and Downs BBS Portsmouth, RI 1-(401)-683-5961
or
- Swat BBS Swansea, MA 1-(508)-675-8503
and leave feedback to the sysop or write to G&G Computer Sevrices at
the above address.
Both of the above Bulletin Boards support 300/1200/2400 Baud and
operate 24 hours - 7 days a week.