Definitions Department:

    Virus:  Some program which attaches itself to other programs
            generally to do some sort of damage later on.  It's a
            program which replicates itself.
                     
    Trojan Horse:  A program which pretends to have some useful
            function, and usually just destroys your hard drive
            or files somehow.
                     
    Time Bomb:  A program which runs several times before "blowing
            up" and taking something with it.
                     
Although these are simple definitions, for people who didn't understand,
I think they are necessary.
                     
Commercially available anti-viral programs:  There are MANY!

    The problem is that most of the public domain programs are very
    limited in ability and aren't going to protect your files against
    all of the present damaging viruses.  Flushot is not bad, but
    it does not take care of most viruses.  It does a nice job wiping
    the Lehigh Virus and several others, but I don't believe it is
    general enough to take care of most viruses.  Testing it, I've
    found a few problems.  There are two public domain programs
    being circulated called Vaccine.  One of them isn't bad.  The
    name is in trouble though.  A company called "FoundationWare" out
    of Ohio has the name Trademarked.
                     
    There are a few good packages for sale.    The aforementioned
    Vaccine package by FoundationWare is quite good.  I would never
    use it however.  It is indicative of most anti-viral packages.
    What they do is lock up the system so that no executable or
    command file can change.  Whether they do it by CRC check or
    some other check, they keep the user from editing programs.
    You cannot write programs in such an environment.  Although
    this is great for businesses.
                     
    We of Lehigh Valley Innovative Technologies have been working for
    several months on the 'perfect' anti-virus design.  We should
    be releasing it in the next 2 - 3 weeks.  We would like feedback
    on it when it is released.  We will have versions for MS-DOS
    and Macintoshes as well.
                     
Comments:

    I'd like to explain the quote of Fred Cohen made by Ken.  Fred,
    incidentally, is the premier name in viruses.  He has fashioned
    his career on working on them.  I knew him when he used to teach
    at Lehigh University.  A brilliant man, although I never got
    along with him.   What he was saying was that you may be able
    to create a package which wipes out all present viruses, but someone
    will always be able to find a way around it if they spend enough
    time working on it.
                     
    That brings my next point up.  It's our job to create a virus
    busting program which will stop every currently known virus, AND
    be as hard as possible to crack or to find a way around.
                     
    Which brings up my third point:  I read your comment, Ken, about
    ten times, and I still don't understand it.   I don't believe
    public domain programs are the answer at all.  I believe we should
    use commercially available fixes.    But, likewise, you mention
    that public domain virus-fixes should be given with source code.
    If we want to make the perfect fix... one that will take the
    virus writer infinitely long to break, then we do NOT want source
    code EVER given out, or even the details of how the system works!
                     
Viruses:

    Let me go over some existing viruses, so people know what to watch
    out for:
                     
    Lehigh Virus:  The Lehigh Virus injects itself into MS-DOS Command.Com.
    I, along with Chris Bracy, Joe Sieczkowski, and Mitchel Ludwig solved
    this particular virus for Lehigh University.  The virus will copy
    itself 4 times into other command.com files, and after the fourth,
    will explode, taking with it any files on any disks in the drives and
    your hard disk too.  What to watch for?  Watch the write date on
    command.com, it changes when the Lehigh Virus goes.  To protect against
    it, attrib +r your command files, and you won't have a problem.
                     
    Israeli Virus:  Not much is known.  It apparently attaches itself
    to all executable files, appending itself to the end of the file.
    Watch for growing files.
                     
    Brain Virus:  The brain virus has hit everywhere.  We have seen
    examples of it out at UCSF and UCB, as well as the east coast.
    All the brain virus does is change the label of the disk to (C)
    Brain, and mark floppy sectors as bad (unused sectors).  It is
    not incredibly destructive but very annoying.
                     
    PKArc:  There is a bad version of PKArc floating around that
    wipes your hard disk.
                     
    MacKiller:  Is a nasty little virus that was apparently written
    by an MS-DOS lover.   The problem isn't yet widespread, but it's
    a Mac virus we have now encountered.
                     
    And many others.  BE CAREFUL!
                     
                         Loren K Keim
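
Added example, not part of the original post: a small baseline checker for the three symptoms the message names (a changed write date, a growing file, a failed CRC check). The function names are illustrative, and the files are constructed stand-ins created in a temporary directory, not real executables.

```python
import os
import tempfile
import zlib

def snapshot(paths):
    """Record size, write date and CRC-32 of each file."""
    result = {}
    for p in paths:
        st = os.stat(p)
        with open(p, "rb") as fh:
            crc = zlib.crc32(fh.read()) & 0xFFFFFFFF
        result[p] = {"size": st.st_size, "mtime": st.st_mtime_ns, "crc": crc}
    return result

def compare(baseline, current):
    """Return {path: [findings]} for files that differ from the baseline."""
    report = {}
    for p, old in baseline.items():
        new = current.get(p)
        if new is None:
            report[p] = ["missing"]
            continue
        findings = []
        if new["size"] > old["size"]:
            findings.append("grew by %d bytes" % (new["size"] - old["size"]))
        if new["mtime"] != old["mtime"]:
            findings.append("write date changed")
        if new["crc"] != old["crc"]:
            findings.append("CRC mismatch")
        if findings:
            report[p] = findings
    return report

def demo():
    """Constructed sample: three stand-in files, not real executables."""
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n) for n in ("COMMAND.COM", "EDIT.EXE", "CLEAN.EXE")]
        for p in paths:
            with open(p, "wb") as fh:
                fh.write(b"\x90" * 64)
        baseline = snapshot(paths)
        with open(paths[0], "r+b") as fh:   # same-size overwrite
            fh.seek(10)
            fh.write(b"XXXX")
        with open(paths[1], "ab") as fh:    # appended bytes: a "growing file"
            fh.write(b"Y" * 32)
        for i in (0, 1):                    # force a distinct write date
            os.utime(paths[i], ns=(1, 1))
        report = compare(baseline, snapshot(paths))
        return {os.path.basename(p): f for p, f in report.items()}
```

The same-size overwrite shows why a size check alone is not enough: only the write date and the CRC flag it, while the untouched file produces no finding.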

(C) Marko, Suomen Atari-sivut / ArkiSTo 2003