[comp.virus] DM/Viral Naming

padgett%tccslr.dnet@uvs1.orl.mmc.com (Padgett Peterson) (08/23/90)

	Recently, Mr. Y. Radai wrote on the use of the Disk Manager
read-only capability for virus proofing. While that may work well
for an experienced person in the micro, for the macro, it would mean
yet another set of drivers for technicians at large installations
to keep handy. Further, any extended partitions created with DM
require a unique file (DMDRIVER.BIN as I recall) to access them.

	Since our procedure with a suspected virus is to boot "bare"
from a write-protected floppy and not execute ANY file from the
suspect system until proven safe and we have enough trouble with the
Bernoulli RCD driver and Zenith ASGNPART, to add a unique driver to
each machine would be a logistical nightmare (I already carry four
re-configurable boot disks).

	He is correct in stating that while the read-only attribute
in DM is software and trivial to bypass, no known virus even looks
for it so would probably be effective.

ANFSCD

re: viral naming

	Personally, I would prefer a descriptive name rather than code
numbers for designation. In the first place, a virus can have several
different numbers (Jerusalem: 1792, 1808, 1818. see also 450, 453,
460, etc.) depending on which characteristic is noted. Next, I have
a time remembering if the new stealth virus is the 1260 or 1253.
Finally, a descriptive name is easier to remember since there are
meaningful associations (e.g. 1701/1704 vs Cascade).

	Several times people including myself have tried to classify
viruses. I use a code for memory residence that some people seem to
like (Rs, Rh, Rt...) since it aids in diagnosis if something unusual
pops up (4096 is a Rh and easily detectable when resident because of
it), but is more for deciding if a machine is infected rather than
something to call it.

	In any event, I would like to cast a vote for more meaningful
names than simple numerics. Certainly, Arcturus and Betelgeuse are
more elegant names for stellar bodies than their codal equivalents.

				Oh well, 0 Sirius.
			                          - Padgett