On Thu, 27 Jun 1996, Mike Baxter wrote:
> There is no substitute for the desktop scanning, the biggest threat is
> still from floppy disks.
Virus discussions on firewall lists have a tendency to drift remorselessy
off-topic. However, anyone who is considering all their antivirus eggs
might like to consider the following. The guesstimated figures are borrowed
from Dr. Alan Solomon, who knows a thing or two about the PC virus field....
Around 70% of reported infections are still boot sector viruses - these
can only normally spread accidentally/unwittingly by booting a PC with
an infected floppy in drive A. It -is- possible to transmit BSVs across
networks using a dropper or an infected disk image, but this is not a
significant transmission vector.
Around 10% are multipartite: that is, they can infect files -and- boot
sectors, so transmission via a network of some description is a possibility.
A very few infections are COM and/or EXE infectors. These tend to have a
higher profile than their numbers would indicate. The potential impact of a
fast infecting file virus on a network may well have a bearing on this.
Alan's guess is less than 1%.
The rest are macro viruses, though only Concept is common at present
(probably the most common single virus, currently).
While the figures are open to negotiation, it's clear that a high percentage
of viruses continue to infect independently of network connections and
any sort of firewall.
David Harley <harley @
Support & Security Analyst
Imperial Cancer Research Fund
[Maintainer, alt.comp.virus. FAQ]