On Wed, 5 Feb 1997, Alan Cox wrote:
> > In any event -- McAfee may be able to add this to
> > their existing uvscan product. uvscan scan Linux
> > filesystems for DOS and Windows (including Word Macro)
> > viruses. It may be possible for the AV team to
> > simply add bliss' signature to the next release -- and
> > it may even be possible for them to create a remover.
>
> I've had a look at the algorithms used for this "Bliss" toy. Its quite
> interesting as its a completely portable technique. It works for NT
> DLL's it works for all Unixen.
>
> Tripwire pretty much immediately spots such tampering.
>
I find this aspect of 'portability' interesting. One of the security
weinies where I'm presently contracted <folks here make great use of NT>
made a claim in a class he was teaching, that it's far to costly to write
viri for 32bit OS'. Since the class wasn't about viri, and this side
issue was brought up for just a short note, I chose not at the time to
challenge the issue. Anyone willing to share some clues with folks like
me here?
thanks, my best to all,
Ron Dufresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior consultant: darkstar.sysinfo.com
http://darkstar.sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
|
|
