SUMMARY - SUN Virus Detection Software

From: John Marsh (john@rod.mitre.org)
Date: Tue Oct 08 1991 - 21:10:19 CDT


Sorry about how long it has taken me to summarize - end of FY blues...

The general consensus on viruses is:

1) Not to worry about "viruses" - it is only barely possible to create
viruses on operating systems that have multiple levels of privileges
(that is any real operating systems). Unless of course a person with
high level privileges starts messing around, in which case you have
more serious problems to worry about.

2) That said, it is possible to create them - there is a USENIX article
from several years ago that speaks to viruses.

3) However, there are other UNIX problems basically having to do with
people exploiting security holes in the operating system. These
include trojan horses, worms, etc.

4) To deal with the worms, etc. SUN provides patches to fill all known
security holes. The system administrators are responsible
for applying the SUN patches. To aid in getting out the word on holes and
SUN patches the CERT group at CMU puts out security alerts.

5) CMU also has a program called "cops" that is available via anonymous
ftp from:

        cert.sei.cmu.edu

This program includes check sums on standard parts of SUNOS to test for
programs that have been modified relative to the standard SUN releases
and for application of patches.

John Marsh - jmarsh@mitre.org - (703)883-7086

Thanks to:

Aydin Edguer <edguer@alpha.ces.cwru.edu>
jstewart@ccs.carleton.ca (John Stewart)
tgsmith@spdev.East.Sun.COM (Timothy G. Smith - Special Projects)
lamour@maestro.mitre.org (Michael Lamoureux)
steve@umiacs.UMD.EDU (Steve D. Miller)
tom@yac.llnl.gov
spike@world.std.com
alek@spatial.com (Alek O. Komarnitsky )
bzs@world.std.com (Barry Shein)
David Fetrow <fetrow@biostat.washington.edu>
beig%FRULM63.BITNET@CUNYVM.CUNY.EDU (Jacques Beigbeder)
RBEBB@USC.PPPL.GOV
chuck-strickland@orl.mmc.com
Franz-Josef Korf <Franz.Korf@arbi.informatik.uni-oldenburg.de>
sphinx!mark@uu.psi.com (Mark Cappel)



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:18 CDT