pshamlen@amherst.bitnet (04/09/91)
(I apologize if this repeats a recent post, but I have not found any reference to the topic in the news items listed at my site.) What protection, if any, do the FTP sites provide against programs containing viruses? Some bulletin board operators check each program uploaded for common viruses, but this usually takes a fair amount of time. Do some FTP sites do the same? Have there been any cases of infected programs on FTP sites? Do some users check the programs that they download? It would seem to me that, due to the limited access of upload capability on FTP sites, that the files stored within would be fairly secure. However, as evidenced by the traffic on the more popular FTP sites, clearly these sites distribute a great deal of data across the nets. Therefore, it would seem that computer viruses would be of some concern. I'm interested in knowing what others think of the risks of FTP sites. Please E-mail responses to me, and I will post a summary to this newsgroup. -- <<< Peter S. Hamlen Ni! pshamlen@amherst.edu >>>
ts@uwasa.fi (Timo Salmi) (04/10/91)
In article <12702.28012bda@amherst.bitnet> pshamlen@amherst.bitnet writes: >(I apologize if this repeats a recent post, but I have not found any reference >to the topic in the news items listed at my site.) > >What protection, if any, do the FTP sites provide against programs containing >viruses? Some bulletin board operators check each program uploaded for common >viruses, but this usually takes a fair amount of time. Do some FTP sites do >the same? Have there been any cases of infected programs on FTP sites? Do some >users check the programs that they download? : I apologize that this reply repeats a recent post :-) but you can find information (also) on this question in the ubiquitous /pc/ts/tsfaq19.arc Frequently Asked Questions collection. ................................................................... Prof. Timo Salmi Moderating at garbo.uwasa.fi anonymous ftp archives 128.214.12.37 School of Business Studies, University of Vaasa, SF-65101, Finland Internet: ts@chyde.uwasa.fi Funet: gado::salmi Bitnet: salmi@finfun
davidsen@sixhub.UUCP (Wm E. Davidsen Jr) (04/11/91)
In article <12702.28012bda@amherst.bitnet> pshamlen@amherst.bitnet writes: | What protection, if any, do the FTP sites provide against programs containing | viruses? Some bulletin board operators check each program uploaded for common | viruses, but this usually takes a fair amount of time. The only protection an ftp site has is diligence by the administration. That goes for a news group or BBS. You bet your favorite body part that it takes time. I believe that simtel20, garbo, and grape check submissions in their regular areas, I don't know their current policy on the upload area. I don't specify which checkers and methods I use, but there are three checkers run before the program is reviewed, and two detectors running while programs are tested. I believe that the last time I talked to Keith that he was not about to specify what he used either. I don't speak for anyone else, so that should be taken as my understanding and not a statement of policy. I will add that I don't trust what I download from *anywhere*, for technical reasons. There is always a gap between the time a virus hits the streets and the time the checkers and fixers catch up. I certainly don't have the time or CPU to go back and recheck all the stuff I have which might have been infected, and I bet no one else does either. Therefore you are only assurred that *at the time I posted* I tried like hell to find a problem, but I'm not going back and looking at stuff which is already out. Actually I should start calling the backlog a feature instead of a problem, and say I do it to give the virus checkers a chance to catch up. That's the ticket... I'm forcing some new antivirals into the queue tonight, which is why I'm home instead of out at a meeting. These are the latest I have. -- bill davidsen - davidsen@sixhub.uucp (uunet!crdgw1!sixhub!davidsen) sysop *IX BBS and Public Access UNIX moderator of comp.binaries.ibm.pc and 80386 mailing list "Stupidity, like virtue, is its own reward" -me