Hi Wayne,
Wayne Chirnside to Paul Walker, 19 Apr 97 12:07.
 WC> i was interested in safe sites such as might be maintained by av
 WC> people. your right about a whole different kettle of fish. i play
"Respectable" AV people don't maintain a site of live viruses. Some 
interesting
ones to read, though, are www.drsolomon.com, and www.av.ibm.com (?). They 
oth
have technical libraries, and the automatic signature extraction in 
articular
(at IBM) is interesting.
 WC> machine code some years ago with a 6502, also 1802, but it's been so
 WC> long lost most of it and wouldn't know where to look for resources.
Erk. Bit out of date as well.
 WC> tag along executables. if i was interested in malicious code for
 WC> destructive purposes i seem to remember some C code we played with in
Destructive C code can be as short as two lines - overwrite FAT/bootrecord, 
and
then emit int 19h to reboot. (Int 19h isn't the recommended way, but in a 
virus
you wouldn't care!)
 WC> requirement for such have been significantly lessen'd by some rather
 WC> clever use's of mirror, unformat and recent backups. if in doubt
I would also recommend the Thunderbyte "suite" - TbDisk protects disks, and 
I
think) TbDriver detects tunnelling attempts, so you should be fairly safe.
Backups are always a good idea though.
(Says Paul, looking at his latest ones - from 1995. Hmm.)
 WC> overwrite. thanx anyhow.
No trouble.
--- FMail 1.22
---------------