Great Circle Associates Firewalls
(May 1994) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: virus checking utilities
From: "Michael S. Hines" <MSHINES @ freh-02 . adpc . purdue . edu>
Organization: Purdue University
Date: 27 May 94 08:18:21 EST
To: firewalls @ Greatcircle . com
Priority: normal 
Karyn, et al...

(disclaimer:  this is probabily not firewalls related)

There was talk at last years FIRST Workshop in St. Louis about such a
product that could search various forms of compressed files as well as
native binaries on UNIX ftp servers, for Intel type MS/PC-DOS programs.
The value was that the anonymous ftp site could periodically scan its
holdings for "unfriendly" software.

I don't know if the concept advanced beyound the talk stages or not.
Seems like a good idea, with numerous UNIX systems holding millions of
bytes of DOS programs for worldwide distribution.

Of course, this in no way reduced the individual users responsibility to
monitor the integrity of programs on his/her computer.

While were off subject.... does anyone know of a Tripwire like product for
MS-DOS or Windows that will monitor operating system integrity?  Seems
like the risk and vulnerabilities are just as great, and the installed
base even larger.

(running for cover, before mjr. "fires at Will".. :)

Thx.

>   Does anyone know of virus-scanning software which will play on a unix
>   (sparc-2, sunos 4.1.3) bastion host running with TIS Firewall Toolkit.
>
>   The goal is to scan ftp'd data.
>
>I'm not aware of anything that can check for PC or MAC viruses while
>the file is on a UNIX host.
>
>The big problem I see is that ftp'd data is usually not in executible
>form, it's usually zip'ed, uuencoded, or at least has gone through
>some sort of compression algorithm.  Standard virus scanning packages
>just can't take into consideration all the modifications a file goes
>through when it's compressed, so I doubt that this sort of virus
>scanning can be done.
>
>Karyn Pichnarczyk
>CIAC Team

----------------------------------------------------------------------
Internet:  mshines @
 ia .
 purdue .
 edu      |  Michael S. Hines
Bitnet:    michaelh @
 purccvm           |  Sr. Information Systems Auditor
Purdue WIZARD Mail: MSHINES           |  Purdue University
GTE Net Voice: (317) 494-5845         |  1065 Freehafer Hall
GTE Net FAX:   (317) 496-1814         |  West Lafayette, IN 47907-1065
CompuServe: 73240,1631                |
America On-Line: mysterios            |
Indexed By Date Previous: Re: PC-NFS firewall
From: fwnews @ callisto . eci-esyst . com
Next: Re: TIS gateways not observing timeout
From: Frederick M Avolio <avolio @ tis . com>
Indexed By Thread Previous: Re: virus checking utilities
From: chip @ chinacat . unicom . com (Chip Rosenthal)
Next: Re: virus checking utilities
From: Paul . Danielson @ West . Sun . COM (Paul Danielson)
Google
 
Search Internet Search www.greatcircle.com