Text File | 1990-08-26 | 19KB | 360 lines
Reprinted from CompuMag, Vol. 1 (1989), Issues 3 and 4
For subscription information call 1-805-273-0300

Virus Hysteria!
by Richard B. Levin

You're scared. Having heard how computer viruses leap
from computer to computer, you've learned your system could
be the next unwitting sufferer of a computer flu. After
all, your friend has a friend whose cousin knows someone
that witnessed a virus display "Arf! Arf! Gotcha'!" as it
gobbled up data on an office PC. And your local BBSes are
bubbling over with heated horror stories about bombs,
Trojans and viruses, not to mention countless
recommendations for anti-virus software products. It seems
that every new day brings with it stories of impending
computerized doom, created by evil geniuses with programming
abilities far beyond those you or your associates could ever
hope to achieve, much less do battle against.

Relax! Hysteria over computer viruses comes in waves.
The hysteria is fueled, in large part, by the popular press'
frenzied, poorly researched and consistently inaccurate
reporting on the subject. Computer crime is not a new story
and viruses are simply the latest plot twist. Vandals
sending "time-bombs" and viruses into our nation's telephone
network are akin to hackers breaking into corporate or
government mainframe computers and scrambling data--the
techniques they use for sowing destruction may differ, but
their intent and results are the same. Before you hang up
your joystick in disgust, however, realize that computer
vandalism has been with us, in one form or another, since
the first CRT was fired-up and will remain until the last
disk drive grinds to a halt. In any public endeavor there
will be an anti-social element; computing is no exception.
In the interest of "safe computing," the question we must
ask is "how do we protect ourselves from the ravages of the
computer criminal and computer viruses?"
If you choose not to ignore the reality of computer
viruses, there remains three ways to dispense with the
problem: virus prevention software, virus detection
software and safe-computing practices (which includes
anti-virus software usage, among other things). As with
other forms of crime prevention, virus prevention software
products may provide an effective deterrent in some cases;
they fail, however, when the criminal element is determined
to perpetrate criminal acts. Most virus prevention software
products have serious technical drawbacks users naturally
overlook (we're not all computer scientists) and virus
developers exploit. For example, not one of the anti-virus
software programs on the market today can protect a system
from a deadly disk "write" that bypasses DOS by directly
manipulating the disk controller. Users of virus prevention
products believe their computers are impregnable; in
reality, they're sitting ducks, safeguarded only from the
simplest of viruses.

Fact: it is physically impossible to prevent all
manner of viruses from entering your system; no matter how
many automobile alarms you may install, if the crooks want
to steal the wheels badly enough, they will. This same line
of reasoning remains true in the area of virus protection:
if the virus developer is determined to breach your system,
your system will be compromised. You can, however, detect
viral infections almost immediately after they occur, which
allows you to rapidly eradicate the invaders and prevent
future infections. By employing the following "safe
computing" measures (excerpted from the documentation that
accompanies my CHECKUP virus detection system) and by
installing a reliable virus DETECTION system, you are
guaranteed a measure of security virus PREVENTION software
can never provide:

* Run CHECKUP (or another reliable virus
detection system) daily. CHECKUP provides a
sanitary, clean floppy disk/batch file method
that is capable of detecting any virus, past,
present or future.
* Run major applications via DOS batch files
and have CHECKUP (or another reliable virus
detection system) perform a pre-run,
last-minute check of programs about to run.
Using CHECKUP, for example: instead of
typing the "WORD" command to run Microsoft
Word, create a batch file named "WRD.BAT"
that reads as follows:

    CD \WORD
    REM Verify each executable; skip the launch if CHECKUP reports a problem
    CHECKUP WORD.COM
    IF ERRORLEVEL 1 GOTO EXIT
    CHECKUP WORD_DCA.EXE
    IF ERRORLEVEL 1 GOTO EXIT
    CHECKUP MAKEPRD.EXE
    IF ERRORLEVEL 1 GOTO EXIT
    CHECKUP MERGEPRD.EXE
    IF ERRORLEVEL 1 GOTO EXIT
    CHECKUP MW.PGM
    IF ERRORLEVEL 1 GOTO EXIT
    CHECKUP SPELL-AM.EXE
    IF ERRORLEVEL 1 GOTO EXIT
    REM Every file passed: start Word
    WORD
    :EXIT

In the future, use the WRD command to invoke
Microsoft Word. CHECKUP will examine all of
Microsoft Word's executable files and will
allow them to run if (and only if) they pass
CHECKUP's scrutiny. Of course, unlike
Microsoft Word, many applications have only
one principal executable file to check,
greatly simplifying implementation of pre-run
checking through DOS batch files.
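
The same pre-run gate, sketched for a current Unix shell as an added example; it is not CHECKUP and not part of the original article. It assumes sha256sum is installed, and the function names make_baseline, verify_files and guarded_run are hypothetical.

```shell
#!/bin/sh
# Added example (not CHECKUP): hash-based pre-run gate modelled on WRD.BAT.
# Assumes sha256sum is installed and the manifest is stored where the
# programs being checked cannot modify it (e.g. read-only media).

# make_baseline MANIFEST FILE...
# Record known-good hashes while the files are still trusted.
make_baseline() {
    manifest=$1; shift
    sha256sum -- "$@" > "$manifest"
}

# verify_files MANIFEST FILE...
# Exit status 0 only if every FILE exists and its current "hash  path"
# line appears verbatim in MANIFEST; 1 on the first failure, which
# plays the role of ERRORLEVEL 1 in the batch file.
verify_files() {
    manifest=$1; shift
    for f in "$@"; do
        if [ ! -f "$f" ]; then
            echo "MISSING: $f" >&2; return 1
        fi
        line=$(sha256sum -- "$f") || return 1
        if ! grep -Fxq -- "$line" "$manifest"; then
            echo "MODIFIED or UNKNOWN: $f" >&2; return 1
        fi
    done
    return 0
}

# guarded_run MANIFEST PROGRAM FILE...
# Check every FILE, then start PROGRAM only if all of them passed.
guarded_run() {
    manifest=$1; prog=$2; shift 2
    verify_files "$manifest" "$@" || return 1
    "$prog"
}
```

Paths must be written the same way when the baseline is made and when it is checked. The manifest and the checker belong on media the checked programs cannot write to, in the spirit of the clean floppy disk method mentioned above.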
* Regularly check and log available disk space.
Aggressive viruses decrease storage space as
they spread throughout a system. This
activity can be identified through rigorous
monitoring.
The following commands, added to
AUTOEXEC.BAT, will track disk usage:

    CD \
    DIR >> DIR.LOG
    TYPE DIR.LOG > PRN
* Observe the time it takes for programs to
load--infected files take longer. Programs
exhibiting longer than normal load times
might be infected (see next tip for related
information).
* Scrutinize disk accesses whenever possible.
Viruses can spend large amounts of time
scanning directories and executable files as
they search for new, uninfected host files.
Programs conducting longer than normal disk
I/O, especially during load-time, might be
infected.
* Periodically re-install applications from
their master