home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Amiga Format 15
/
af015.adf
/
Canary
/
read.me
< prev
next >
Wrap
Text File
|
1978-01-09
|
10KB
|
243 lines
********************** Canary *******************************
Canary is a series of Workbench 1.3 SCRIPT files meant to complement
the Virus killers - NOT to replace them. They produce disks which
can be deliberately sacrificed to a virus. Why? Canary disks test
themselves (or can be tested) without any harm coming to the rest of
the system! They act as a trap for any incoming virus to fall into.
Two programs are provided, each one acts in a slightly different
way.
Important: these scripts must NOT be multi-tasked!
Canary!: Produces a simulated data disk and leaves itself wide open
for attack by most viruses including Parasites.
Turkey!: Produces a Workbench disk that is open for attack by any
viruses which write to BOOTABLE disks or Startup-sequences.
Other programs supplied act as follows:
Check-Canary: In the absence of a proper virus checker, this HELPS
to check for the presence of link viruses on the Canary disks.
Check-Turkey: In the absence of a proper virus checker, this HELPS
to check for the presence of link viruses on the Turkey disks.
Check-Mine: In the absence of a proper virus checker, this HELPS to
check for the presence of link viruses on OTHER Workbench1.3 disks.
Make-Turkey-Files: Updates the Turkey "brain file" if you happen to
be using Workbench1.3.2!
Install-IT: Copies the Canary system onto a new disk.
====================================================================
Using the programs
Note: If starting from Workbench, IconX MUST be in the C directory
of the boot disk. This should be the case unless you have booted
from a non-standard WB1.3 diskette.
====================================================================
Install-IT
From Workbench: Double click on the "Install-IT" icon and follow the
on-screen prompts. Install-IT always tries to install to the disk in
drive 0. If you want to install to a different drive or hard disk,
execute Install from the CLI.
From CLI: Install-IT [<drive|drive+path>]
Examples:
Install-IT ; Install to df0:
Install-IT DF1: ; Install to df1:
Install-IT SYS:Utilities ; Install to say, hard drive
====================================================================
Canary!
From Workbench: Double click on the Canary icon and follow the
on-screen prompts. Canary always tries to format drive 0 (for the
benefit of those who don't have a 2nd drive). If you prefer to use a
different drive use the CLI version.
**** CAUTION ****
It is possible to use Canary! from CLI on a hard disk partition.
DO NOT DO THIS!! YOU HAVE BEEN WARNED.
**** CAUTION ****
From CLI: Canary [<drive>]
Examples:
Canary ; Canary df0:
Canary DF1: ; Canary df1:
Note: This program may throw up a requester complaining the
destination disk is non-DOS. This is perfectly normal and for YOUR
protection. Cancel the request to proceed.
Using Canary!
1) Switch off and leave the machine for at least 30 seconds. Now
boot with a Workbench disk.
2) Create a "Canary" disk - they're named CheepCheep. It doesn't
matter if a virus is already in RAM but LEAVE IT WRITE ENABLED!
3) Open the "Canary" on the Workbench and wait a few seconds to
allow a virus to write to the disk - if it hasn't already done
so.
4) Re-boot the machine with the "Canary" disk in drive 0! If a
Limpet has written to the boot sectors the disk will boot with a
message telling you what to do next. If a Limpet didn't appear
the machine will not boot so remove the "Canary" disk and
proceed to step 5.
5) Re-boot with the Workbench and use Check-Canary to look for any
signs of Parasite viruses that may have attached to the "Canary"
programs. See Check-Canary
6) Optionally re-boot with another suspect disk.
====================================================================
Turkey!
From Workbench: Double click on the Turkey! icon and follow the
on-screen prompts. Turkey! always tries to write to drive 0 (for the
benefit of those who don't have a 2nd drive). If you want to use a
different drive use the CLI version.
From CLI: Turkey! [<drive>]
Examples:
Turkey! ; Canary df0:
Turkey! DF1: ; Canary df1:
Note: This program may throw up a requester complaining the
destination disk is non-DOS. This is quite normal and is for YOUR
protection. Cancel the request to proceed.
1) Switch off and leave the machine for at least 30 seconds. Now
boot with a Workbench disk which is KNOWN to be free from Limpet
viruses. Your original Workbench disk should be good for this -
provided it has never been write enabled.
2) Create a "Turkey" disk - they're named GobbleGobble. It doesn't
matter if a virus is already in RAM but LEAVE IT WRITE ENABLED!
3) Boot with a suspect disk.
4) Open the "Turkey" on the Workbench and wait a few seconds to
allow a virus to write to the disk - if it hasn't already done
so.
5) Re-boot the machine with the "Turkey" disk in drive 0! If a
Limpet has written to the boot sectors the disk will boot with a
message telling you what to do next.
6) Re-boot with Workbench and use Check-Turkey to look for any
signs of Parasite viruses that may have attached to the "Turkey"
programs. See Check-Canary
7) Optionally re-boot with another suspect disk and proceed from
step 4.
====================================================================
Check-Canary
From Workbench: Double click on the Check-Canary icon and follow the
on-screen prompts. Check-Canary will prompt you for a Canary!ed disk
when it wants it.
From CLI: Check-Canary
Examples:
Check-Canary ; Check for viruses
Boot a workbench disk and run Check-Canary. This will produce a
complete listing of all the files and directories on the disk.
Most of these are known - Canary! disks only contain a handful
of files:
C:Echo, C:Install
S:Startup-sequence, S:Canary-files
plus a few directories:
C, S, L, LIBS, Empty, DEVS, DEVS/keymaps, DEVS/printers
These directories are meant to simulate real disks and allow
Parasite viruses to hide themselves somewhere. However, the file
will probably appear somewhere as an unnamed file - which will
break the list.
Check-Canary, produces a list of the files on the disk and
allows you to compare it with a KNOWN list taken from a good
WB1.3 disk. The the two commands used are the original 1.3
INSTALL and 1.3 ECHO. If a Parasite virus has linked into it
should show up as a large file where a short one would be
expected. NOTE: Text files like Mountlist and Startup-Sequence
do vary in size anyway - but check them with your favourite
editor if you find a discrepancy.
Note: Check-canary is a VERY simple program written like the rest of
the programs here as simple script examples with a purpose. It is
not better than a "real" killer - just another line of defence.
====================================================================
Check-Turkey
From Workbench: Double click on the Check-Turkey icon and follow the
on-screen prompts. Check-Turkey will prompt you for a Turkey!ed disk
(they're called GobbleGobble) when it wants it.
From CLI: Check-Turkey
Examples:
Check-Turkey ; Check for viruses
Boot a workbench disk and run Check-Turkey. This will produce a
complete listing of all the files and directories on the disk.
Most of these are known - Turkey! disks contain a complete
Workbench:
Check-Turkey, produces a list of the files on the disk and
allows you to compare it with a KNOWN list taken from a good
WB1.3 disk. Two copies of EVERY original file are listed. New
files only appear once.
If a Parasite virus has linked into it, it should show
up as a large file where a short one would be expected. Other
effects are breaks in the listing or Unknown files. Don't go
deleting things willy-nilly though! Get the disk checked! NOTE:
Text files like Mountlist and Startup-Sequence do vary in size
anyway - but check them with your favourite editor if you find a
discrepancy.
Note: Check-Turkey is a VERY simple program written like the rest of
the programs here as simple script examples with a purpose. It is
not better than a "real" killer - just another line of defence.
====================================================================
Make-Turkey-File
Note: You will require an ORIGINAL copy of Workbench 1.3 or higher
to run this program - the brain file is created from the original
programs.
From Workbench: Double-click on the program's icon and follow the on
screen prompts.
From CLI: Make-Turkey-File [<source>] [<dest>]
Examples:
1>Make-Turkey-File ; Update brain with defaults
1>Make-Turkey-File SYS: DF0: ; Update brain from SYS:
1>Make-Turkey-File DF0: DF1: ; Update brain from DF1:
Note: Although the script requires WB1.3 to operate it can produce a
"brain file" for almost any system disks, and easily modified to
produce files for most non-system Workbench disks too.