echo: virus_info
to: PATRICK AHLBRECHT
from: DAVID CHORD
date: 1997-10-28 01:32:00
subject: 2 questions

Patrick Ahlbrecht wrote in a message to Kurt Wismer:
[trojans]
 PA> I'd say it's more because trojans aren't that widespread (due to
 PA> the lack of being able to reproduce). They'd typically only show
 PA> up on a few systems.
 PA> Also (imho) trojans are more a problem of the Unix world (and since
 PA> most people use MS ...). I mean what could a trojan possibly do to
 PA> a MS system  (that is if you were able to upload it after all) ?
 PA> Formatting your C: ? Big deal ... very satisfying indeed. But
 PA> under Unix there are the real possibilities :
 PA> - re-routing mail
 PA> - locking out root
 PA> - leaving backdoors to the system
 PA> - stealing data out of /home
 PA> - ok, crashing the system is possible as well ;)
Hey, you can have some real fun with trojans. Crash the system? Reset switch 
- little damage done. Format the HDD? Ok, maybe cause a few tears, but the 
fix is pretty obvious.
How's about something like one I picked up and used for a while before 
figuring it out? It was this nice little undelete directory. Unlike MS-DOS's 
undelete, it had a text-GUI and also undeleted directories. But on occasion, 
things went missing and were too corrupted to undelete. I eventually found out 
that when the util was used to undelete a directory (eg PIX), it would 
over-write a directory with the same first letter (POINT) with the undeleted 
data, thus destroying the second directory's contents. Sometimes it would 
also cause minor corruptions to the FAT, and cause DOS to ask you to put the 
original disk back in drive D: because it had been changed.
Or how's about another suspected trojan/virus activity on my DOS system - 
redirecting mail for one user to another user, or something that causes minor 
errors/changes to the way DOS works. Whereas a format and re-install may be 
the best, easiest way to do something, most people will try to salvage data. 
I spent 12 hours one day at a friend's place trying to recover a slowly 
corrupting disk, reboot to clean floppy, FDISK and format HDDs, and 
re-install from scratch was the only way to fix things - no virus scanner 
would pick anything up either..
Hmm, something that randomly changes a character in a .CFG file, or detects 
and alters whole path lines in a .cfg file - now that would be cruel!
Dave 
--- timEd 1.10
---------------
* Origin: GnomeVille TBBS 64-4 235-6887 (3:771/1560)

SOURCE: echomail via exec-pc
