root@kgw2.bwi.WEC.COM (Operator) (12/07/90)
friends, i am having a problem with virus paranoia here. maybe it is legit. please help me. management is very scared of individuals downloading code from places such as uunet, gatekeeper, and any other source such as an archive site or postings in news. thier philosphy is "if you can buy it then you can't use it". thier reasoning is that companies that sell software are liable for damages. the problem i have with this is it ignores work such as X-windows from MIT, andrew toolkit, serpant, ... corporations aren't the only sources of good code. besides, where do you think corporations get the personell to write the code? places such as MIT and the FSF provide source. this is good code. how much are you going to spend to get source from a corporation? a lot i suspect. the typical scenario is someone in management picks up a magazine and reads about another PC or macintosh virus and assumes the same is true for workstation class machines. therefore (and i am quoting) "all public domain software is riddled with viruses". i am the system administrator for a network of sun, NeXT, and pc computers that are used solely for software development (not my primary job, i'm a software developer). my philosphy is "allows the users to use whatever tools and environemnts that maximizes thier performance but must be compatable with the other individuals on the project. this includes the free flow of information". so, i'm trying to maintain a network that is as open as possible within the corporation but externally restrictions apply. what i am looking for is documented cases of virus attacks on workstation class machines. i know of none. flood me. flood me about the morris thing which was a worm, not a virus. what was the methods of his attack? if i recall correctly one of his methods of attack was a sendmail bug (which by the way was part of SunOS--something we purchased. would Sun be liable here?). how can if reach CERT electionically? (i think it's CERT isn't it?) [Ed. cert@cert.sei.cmu.edu] i'm looking for virus checking software. what is available? how do they work? who is the experts? i need to become smart in this subject so that i can keep a productive environment for our developers. please reply by email. the company turned off the news spicket because of that nasty public domain software can be posted in any group (link comp.sources) and anyone reading that group can extract and install it. - -- ..!uunet!kgw2!dennisg | Dennis P. Glatting dennisg@Xetron.COM | X2NeXT developer