Great Circle Associates Firewalls
(February 1997)
 


Subject: Re: virus checking
From: Pavel Galynin <pgalynin @ chipnet . cz>
Date: Fri, 28 Feb 1997 06:09:56 +0100
To: Ron DuFresne <dufresne @ parka . winternet . com>
Cc: crumrig @ us-state . gov, Todd Graham Lewis <lists @ reflections . mindspring . com>, Lance and Christine <lance @ pfi . com>, firewalls @ GreatCircle . COM
References: <Pine . GSO . 3 . 95q . 970228113517 . 27210B-100000 @ parka . winternet . com>

Polymorphics can do a lot of damage. I know of a Russian virus that 
really f@cked up motherboards ( it was rather lame.. ) before it did 
anything else. If you got such a thing on any machine..
The problem with them is that they are hard to detect, and if a new 
Internet worm was polymorphic, I dare not think of consequences..
						Paul


Ron DuFresne wrote:
> 
> On Fri, 28 Feb 1997, Pavel Galynin wrote:
> 
> > crumrig @ us-state . gov wrote:
> > >
> > >
> > >  the desktop as well, as this is where a lot of these things start out
> > > life.  Besides, I think cleaning up a virus at the wall as something
> > > comes in is a ton easier than having to clean up 4 thousand machines,
> > > don't you?  I guess what I would like to say is that a case can be made
> > > for both.
> >
> > If you show me a product that would do heuristic scanning ( the only way
> > to catch polymorphics ) without considerable overhead, I'll kiss your
> > butt. :))
> 
> Paul, still the thing about most of these 'polymorphs' you talk about,
> unless they are bootsector infectors, aren't a problem once you get to a
> unix or unix clone or even ntfs.  It's just something you dos/win folks
> have to worry about.  Granted, many desktops are still in that dos/win
> <non-nt> game, but, desktops are moving over, and rapidly.
> 
> Thing is, unless virus protection goes into the bios or CMOS, boot sector
> infectors are the major issue to be concerned with at this time.  Unless
> one is totally unprotected...
> 
> Later,
> 
> Ron DuFresne
> 
> >
> > >
> > > ---------------Original Message---------------
> > > On Thu, 27 Feb 1997, Pavel Galynin wrote:
> > >
> > > > --------------------------- cut ----------------------------------------
> > > > > > I don't think the virus filters come close to being worth the cost.
> > > > > >
> > > > >
> > > > > Every organization I have worked with found that the best way to handle
> > > > > the issue of viri is at the desktop workstation.
> > > > >
> > > > It is the most efficient way, efficiency/cost ratio-wise, but it is not
> > > > perfect and leaves HUGE security holes.
> > >
> > > Agreed it's not perfect, but is at this time the most viable solution
> > > available.  Sure, one can scan at the wall/gateway, but, that's more
> > > imperfect a solution at this point in time, not to mention the possible
> > > bottlenecking that can most likely ensue.  But as for this leaving "HUGE
> > > security holes", I'd certainly like to see you clarify that statement a tad
> > > <smile>...
> > >
> > > Later,
> > >
> > > Ron DuFresne
> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > "Cutting the space budget really restores my faith in humanity.  It
> > > eliminates dreams, goals, and ideals and lets us get straight to the
> > > business of hate, debauchery, and self-annihilation." -- Johnny Hart
> > >         ***testing, only testing, and damn good at it too!***
> > >
> > > OK, so you're a Ph.D.  Just don't touch anything.
> > >
> > > ----------End of Original Message----------
> >
> 

