spoelhof@newkodak.kodak.com (Gordon Spoelhof) (06/05/90)
As an occasional browser of this newsgroup, I have noticed that discussions surrounding mainframe viruses tend to be theoretcial in nature. Questions: 1. How many mainframe viral attacks are documented? 2. How many incidents are reported/not reported? 3. In general, how are the viruses introduced? 4. What corrective measures had to be taken? 5. What preventative measures are taken? 6. What is the level of risk? Discussion anyone? Disclaimer: "Neither my wife nor my employer endorse opinion according to Gordi..." Internet: spoelhof@Kodak.COM Telephone: 716-781-5576 Secretary: 716-724-1365 (Sharon) FAX: 716-781-5799 US Mail: Gordon Spoelhof CIS/ITM 2-9-KO Eastman Kodak Co 343 State Street Rochester, NY 14650-0724
AGUTOWS@WAYNEST1.BITNET (Arthur Gutowski) (04/18/91)
In Virus-L V4 #63: >Date: 16 Apr 91 22:38:13 +0000 >From: braunste@sal-sun12.usc.edu (Gil Braunstein) >I was wondering whether there are documented cases of viruses >infecting mainframes or minis (basically not PCs). ... > my instructor claims that there have not been any >documented cases of viruses infecting mainframes that he knows of. On >the other hand, another instructor claims to know about some cases but >one of the few sources that he pointed out was Fred Cohen's paper. To my knowledge, there are no known mainframe viruses (documented). Unless you count the VM Xmas EXEC (and others like it) viruses. I think these have been classified by most as worms rather than viruses, because they are stand-alone programs and not parasitic. Some time ago (late last year) there was extensive discussion as to the possibility and feasibility of mainframe viruses. As a starting point, you may want to check the Virus-L archives on cert.sei.cmu.edu for these mainframe discussions. As for the Cohen paper, that may too be on the cert archives (if it's available in electronic form-- Ken??). I think the general consensus then was that viruses were definitely possible, but not a huge concern given the complexity of mainframe environments and the different culture associated with mainframes. For what it's worth, [Ed. Sorry,the Cohen papers are not available on our archives; if they are publicly available electronically, I would be happy to place them there, though. If anyone has info on this, please drop me a note.] Arthur Gutowski MVS System Programmer Wayne State University AGUTOWS@WAYNEST1 (BitNet) 1+1=10 AGUTOWS@cms.cc.wayne.edu (InterNet) -Murphy's Base Law of Addition