padgett%tccslr.dnet@uvs1.orl.mmc.com (Padgett Peterson) (10/29/90)
In issue 175 Bob Bosen writes: >In view of the general disregard of security >issues demonstrated by most LAN vendors so far, it will not be >surprising if viruses develop that can cross these server-operating >system boundaries by exploiting known bugs or by deceiving system >operators into granting executable control to decoy programs. But so >far, I have heard of no such thing. Unfortunately, we have. The Internet worm carried code for both SUN and VAX ULTRIX machines, detected the architecture of the target machine, and propagated accordingly. Similarly, I have an MS-DOS trojan that supposidly (I have not yet checked it out) detects a Windows environment and makes sure it is run on boot-up. Consequently, it does not have to infect anything else. Like many boot and partition sector infectors that are more worm than virus, it is targetted at a specific environment, however the potential for a MIRV is there. Consequently, I agree with Mr. Bosen that to say that dissimilar client/ server architectures is safety enough is folly. Padgett <I'm not worried about the infections that are known - it's the ones I can imagine that give me heartburn>