Return-Path: XPUM04@prime-a.central-services.umist.ac.uk Received: from G.SEI.CMU.EDU by ubu.cert.sei.cmu.edu (5.61/2.3) id AA04594; Wed, 20 Jun 90 17:34:42 -0400 Received: from SEI.CMU.EDU by g.sei.cmu.edu (5.61/2.5) id AA07242; Wed, 20 Jun 90 17:34:43 -0400 Received: from nsfnet-relay.ac.uk by sei.cmu.edu (5.61/2.3) id AA23607; Wed, 20 Jun 90 17:34:34 -0400 Received: from sun.nsfnet-relay.ac.uk by vax.NSFnet-Relay.AC.UK via Janet with NIFTP id aa23624; 20 Jun 90 16:30 BST From: Anthony Appleyard To: DAVIDF@cs.heriot-watt.ac.uk Date: Wed, 20 Jun 90 16:37:32 BST Message-Id: <$TGWGCZNQBTVG at UMPA> Subject: Virus-L vol 0 issue #1105 Virus-L Digest Sat, 5 Nov 88, Volume 0 : Issue #1105 Today's Topics VMS/VAX Re: Anti-Viral Software Re: Debrain.exe UUxxx files on the Listser Re: Debrain.exe Re: Debrain.exe Re: debrain.exe & ftp... Re: Anybody home? DEBRAIN.EXE ** no subject, date = Sat, 5 Nov 88 14:18:54 EDT Vfeature Re: comments on EEV vs FEV ** no subject, date = Sat, 5 Nov 88 22:48:41 EST FTP and BITNET ------------------------------ Date: Sat, 5 Nov 88 00:31:55 GMT From: ZDEE731@ELM.CC.KCL.AC.UK Subject: VMS/VAX Have any viruses been discovered on VMS/VAX? Regards Bob (UK) UK.AC.KCL.CC.ELM -------------------- Date: Sat, 5 Nov 88 11:07:56 EDT From: Jean Coppola Subject: Re: Anti-Viral Software In-Reply-To: Message of Mon, 31 Oct 88 00:23:41 EST from That would be a good idea to have it on the LISTSERV. Also could someone explain how the UUxx programs work? -------------------- Date: Sat, 5 Nov 88 11:14:35 EDT From: SSAT@PACEVM Subject: Re: Debrain.exe In-Reply-To: Message of Mon, 31 Oct 88 10:23:02 EST from For those of us new to this, how do I get a file from umd5.umd.edu over Bitnet? -------------------- Date: Sat, 5 Nov 88 12:17:40 EST From: "David A. Bader" Subject: UUxxx files on the Listser Since Bitnet mail can only transfer data as ascii, and not as binary, there needs to be a method to send someone a binary file over Bitnet. UUxxxs turn a binary file into a cryptic ascii file for this purpose. The source code for UUENCODE (the sender's encoding program) and UUDECODE (the receiver's decoding program) are readily available over this Listserv and many other houses of public domain software. For using the particular version of UUENCODE or UUDECODE, you would have to check the docs for that particular version. David Bader DAB3@LEHIGH -------------------- Date: Sat, 5 Nov 88 12:21:00 EST From: Jim Shaffer Subject: Re: Debrain.exe >For those of us new to this, how do i get a file from umd5.umd.edu >over Bitnet? You don't. * FLAME ON * Bitnet is utterly incapable of supporting FTP, due to someone's decision to ignore the well-established TCP/IP protocol way back when Bitnet was founded. I'm sure there was a good reason for this at the time (probably money), but it makes us look like fools today and I'm sick and tired of it. * FLAME OFF * -------------------- Date: Sat, 5 Nov 88 12:32:31 EDT From: SSAT@PACEVM Subject: Re: Debrain.exe In-Reply-To: Message of Sat, 5 Nov 88 12:21:00 EST from Great so how does someone go about requesting debrain.exe from umd5.umd.edu -------------------- Date: Sat, 5 Nov 88 12:35:36 EST From: ENGNBSC@BUACCA Subject: Re: debrain.exe & ftp... >You don't. Not necessarily. BITNet access does not preclude Internet access! Basically, you have to find yourself a ftp-capable site (perhaps even your own), and go get it - just log in as anonymous. >good reason at the time (probably money)... You're right - BITNet was (and in places still IS) a string of modems talking back and forth. In the early days, most of these links were 1200 baud modems... Primitive, yes - but (when the links are up :-( it gets the job done. So you can't ftp over it - with the instability of some of my favorite links, I really wouldn't want to think about ftp... besides, how would you like to try to slurp a *REALLY* big file through a 1200 baud modem with BITNet mail building up on either side of it?? No thanks. Bruce Howells, engnbsc@buacca.bu.edu / engnbsc@buacca.BITNet - The opinions expressed above are mine, and do not necessarily represent those of Boston University, nor anyone else... -------------------- Date: Sat, 5 Nov 88 10:53:00 MST From: Bernie Subject: Re: Anybody home? In-Reply-To: Message of 2 Nov 88 07:28 MST from "Robert Slade" Odd, I'm getting a whole bunch. In our local newspaper, "Computer virus wreaks U.S. chaos" hit the print. Greg LYPOWY was telling me this was an SMTP virus. Anybody have any info. on this? I can't really think of how this one would work, but Greg says it logs into SMTP and get's into a debug shell "?" and continues to trash the system. So much for no virus that can go between machines! I does't sorta' make sense. Some systems SMTP is just a dummy account that runs something to handle sendmail. The one here used to be so stupid as to have no password and anyone could just control-c out of it before it ran the program. I gather if this virus were to then 'upload' some C code, compile it, propagate and kill itself, that would work. Then it wouldn't have to be machine dependant. BUT whoever wrote such a thing is not your average "cracker" or "hacker". I'd say a scientist with a vengeance. Just goes to show admin. is stupid for not allowing research on this topic. They're leaving themselves and the real world open for all sorts of problems.... Just like environmental issues.... If there's a problem, ignore it, it'll just go away.... ha. -------------------- Date: Sat, 5 Nov 88 13:13:36 EDT From: Jean Coppola Subject: DEBRAIN.EXE Can anyone tell me where DEBRAIN.EXE resides on Bitnet where it can be requested from? -------------------- Date: Sat, 5 Nov 88 14:18:54 EDT From: SSAT@PACEVM In a round about way I found an interesting situation. Vfeature Deluxe from Golden Bow is for partitioning disks. However it has a security feature called mount. When you password protect a drive you must mount it before it can be used. However even when mounted correctly, Vfeature stops low level writes to the mounted drive, such as trying to use Fastback to restore files to the drive. I think this bears out more investigation. This might be a way to protect a drive? -------------------- Date: Sat, 5 Nov 88 14:48:16 EST From: "David A. Bader" Subject: Vfeature I did not quite understand what exactly this "Vfeature" is or does. If it is software, however, wouldn't there have to be another way with software (e.g. a virus) to get around it? David Bader DAB3@LEHIGH -------------------- Date: Sat, 5 Nov 88 21:39:33 CDT From: Len Levine Subject: Re: comments on EEV vs FEV In-Reply-To: Message from "Ken van Wyk" of Nov 3, 88 at 10:02 am The point I was trying to make with the FEV and the EEV was that the fix for an EEV is to fix a problem. The fix for an FEV is to remove the feature, or live with the virus. As an example, the recent UNIX virus depended in one respect on a Feature of the sendmail program (debug) and not on an error. The debug feature was to powerful to leave in the system, UNIX worked just like it should have and the virus got into the system. + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + | Leonard P. Levine e-mail len@evax.milw.wisc.edu | | Professor, Computer Science Office (414) 229-5170 | | University of Wisconsin-Milwaukee Home (414) 962-4719 | | Milwaukee, WI 53201 U.S.A. Modem (414) 962-6228 | + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + -------------------- Date: Sat, 5 Nov 88 22:48:41 EST From: James Paterson In-Reply-To: Message of Thu, 3 Nov 88 13:01:00 CST from >From what I have seen of OS/2, it does not allow application programs direct access to memory. All requests are routed, and there is virtual addressing capabilites. I have read (In a book written by the development team) that the virtual addressing is automatic, and should be completely transparent to applications written for the operating system. This could provide some protection against viruses, but the operating system would have to make sure that the application would not alter the exe file, which I don't think it monitors. James Paterson (ACDJAMES@UOGUELPH) -------------------- Date: Sat, 5 Nov 88 18:22:28 CST From: James Ford Subject: FTP and BITNET >>For those of us new to this, how do i get a file from umd5.umd.edu >>over Bitnet? >You don't. >* FLAME ON * >Bitnet is utterly incapable of supporting FTP, due to someone's decision >to ignore the well-established TCP/IP protocol way back when Bitnet was >founded. I'm sure there was a good reason for this at the time (probably >money), but it makes us look like fools today and I'm sick and tired of it. >* FLAME OFF * I'm not sure that this is correct. I have been FTPing files for quite a while from SimTel20, CUHUG and other places, and this is a BITNET node. Perhaps your system isn't capable........ If you are able, here is some FTP-available locations. James Ford jford1@ua1vm.BITNET - ---------------------------------------------------------------------- The following format is the same for all numbers on this list. Name ------------ CUHUG BBS Number.string --- 128.153.13.196 User id -------- Anonymous Password -------- guests SimTel20 26.0.0.74 Anonymous guests UXE.CSO.UIUC.EDU 128.174.5.54 anonymous guests UDM.UND.EDU 128.8.10.5 anonymous guests -------------------- *** end of Virus-L issue ***