dag@uunet.UU.NET (Dave Gilmour) (04/02/91)
Our company is currently under contract to provide some software to a customer that is worried that, because our system is connected to the USENET, it could potentially become infected with a virus and subsequently transmit that virus to their machine via the delivered software. Given this, I basically have three questions: 1) Are viruses a problem on UNIX machines that are connected to the net? We do not accept binary UNIX sources on our machine, so I presume that trojans are more likely to be a problem than viruses. 2) If viruses are out there ready to infect my UNIX machine, is there any software that I can run to detect/remove them from my machine? 3) What steps should I take in order to "reduce the risk" |-) Any help in the matter will be greatly appreciated. As always, if there is sufficient interest I will summarize to the net. Thanks. System Info : ISC2.2 System V R3.2, Everex Step 386/33 __________________________________________________________________________ David A. Gilmour | dag@esleng.ocunix.on.ca Excalibur Systems Limited | uunet!mitel!cunews!micor!esleng!dag Kanata, Ontario, Canada |
p1@arkham.wimsey.bc.ca (Rob Slade) (04/06/91)
micor!esleng!esleng.ocunix.on.ca!dag@uunet.UU.NET (Dave Gilmour) writes: > 3) What steps should I take in order to "reduce the risk" |-) Others will likely give you better technical information, but the biggest single "whole" that has been shown by the Morris/Internet/UNIX worm, the WANK/VMS worm and Clifford Stoll's experience ("The Cuckoo's Egg") is the failure to rename and reassign security files and system passwords. The best (simple) protection you can give yourself is to change all standard system defaults relating to system access. (UNIX gurus, no flames please. you *know* I am not refering to "terminal type".) ============= Vancouver p1@arkham.wimsey.bc.ca | "Is it plugged in?" Institute for Robert_Slade@mtsg.sfu.ca | "I can't see." Research into (SUZY) INtegrity | "Why not?" User Canada V7K 2G6 | "The power's off Security | here."