seanhull@acsu.buffalo.edu (Sean P. Hull) (02/10/91)
Hello-
I have a MAC SE, with 20Meg harddrive. It is running SAM
intercept, which catches some kinds of viruses, but not all. Recently
the harddrive became infected again, by some unknown user. This mac
has a fairly small user population, but viruses still keep creeping
up.
Most of the use for the harddrive is for the applications which
are already on it, that is rarely would anyone need to write to the
harddrive.
What I would like to do it make writing to the harddrive require
a password. Since most everything a user could need is on the
harddrive already, I don't THINK this should be a problem. If the
user wants to edit one of THEIR files in say MACWRITE, it would read
from THEIR disk, and write to THEIR disk, without writing to the
harddrive (hopefully). Now, I realise there IS a clipboard, but as
far as I can tell, this is resident in memory, and does not REALLY
have to be SAVED to the harddrive periodically. Perhaps I am wrong
on this point. (Theoretically it could be implemented this way)
Is the above possible? If it is, how is it done? What are the
sideaffects, if any to this solution? Are there other solutions to
keeping ALL viruses off the harddrive?
Thanks
Sean
--
_S_e_a_n _P_. _H_u_l_l _U_n_i_v_e_r_s_i_t_y _o_f _B_u_f_f_a_l_o _s_e_a_n_h_u_l_l_@_s_y_b_i_l_._c_s_._b_u_f_f_a_l_o_._e_d_u
/ ___|| ___| / \ | \| || _ \| |_| || || || | | |
\__ \ | >__ | || || __/| _ || || |_ | |_
|_____/ |______||__||__||__|\__||__| ||__| |__| \____/ |____||____| delann@cs.umu.se (Anders Nyman) (02/10/91)
In article <58898@eerie.acsu.Buffalo.EDU> seanhull@acsu.buffalo.edu (Sean P. Hull) writes: >Hello- > I have a MAC SE, with 20Meg harddrive. It is running SAM >intercept, which catches some kinds of viruses, but not all. Recently >the harddrive became infected again, by some unknown user. This mac >has a fairly small user population, but viruses still keep creeping >up. > Most of the use for the harddrive is for the applications which >are already on it, that is rarely would anyone need to write to the >harddrive. > What I would like to do it make writing to the harddrive require >a password. Since most everything a user could need is on the >harddrive already, I don't THINK this should be a problem. If the >user wants to edit one of THEIR files in say MACWRITE, it would read >from THEIR disk, and write to THEIR disk, without writing to the >harddrive (hopefully). Now, I realise there IS a clipboard, but as >far as I can tell, this is resident in memory, and does not REALLY >have to be SAVED to the harddrive periodically. Perhaps I am wrong >on this point. (Theoretically it could be implemented this way) > > Is the above possible? If it is, how is it done? What are the >sideaffects, if any to this solution? Are there other solutions to >keeping ALL viruses off the harddrive? > Maybe you should try out GateKeeper as virusprotection. Maybe it will catch the virus witch SAM doesn't. I haven't used SAM myself and can't say if it will work. As long as you doesn't have to change your applications and systemfiles you also could try to lock the files. I think this would stop virusinfections. Virus witch infects the Desktop file will not be stopped since locking the desktop file wouldn't be such a great idea, but all virus which are attacking applications and finder/system-files would be stopped. Anders Nyman
swsh@ellis.uchicago.edu (Janet M. Swisher) (02/12/91)
In article <58898@eerie.acsu.Buffalo.EDU> seanhull@acsu.buffalo.edu (Sean P. Hull) writes: > I have a MAC SE, with 20Meg harddrive. It is running SAM >intercept, which catches some kinds of viruses, but not all. Recently >the harddrive became infected again, by some unknown user. Either you haven't updated your copy of SAM, or something is wrong with the way you have it configured. SAM should be able to guard against all known viruses (and in some cases, unknown ones). If there are viruses that have been discovered since you got SAM, Symantec should have sent you a virus update card (provided, of course, that you registered your copy of SAM), with instructions for updating SAM. If you're not getting the update cards, call Symantec's customer service, 800-441-7234 or 408-252-3570. The new virus definitions are also available by calling Symantec's Virus Newsline, 408-255-8744 (available in North America only; note that this a voice line, not a data line), and on AppleLink in Third Party Connection:Software Updates:Symantec:SAM Updates. As new viruses are discovered, their definitions are also posted to comp.virus (and comp.sys.mac.announce, I think) by Paul Cozza, SAM's author. You (or your department) paid a non-negligible amount of money for SAM. It should be able to do what you say you need without crippling your machine as you propose. It just takes a teensy bit of effort on your part to keep current. Disclaimer: My only connection with Symantec is as a customer. -- Janet Swisher Internet: swsh@midway.uchicago.edu University of Chicago Phone: (312) 702-7608 Academic and Public Computing P-mail: 1155 E. 60th St. Chicago IL 60637, USA
francis@uchicago.edu (Francis Stracke) (02/12/91)
Note for anybody wanting to reply: my address is francis@zaphod.uchicago.edu. The From: line will probably be messed up. In article <1991Feb11.212518.20526@midway.uchicago.edu> swsh@ellis.uchicago.edu (Janet M. Swisher) writes: In article <58898@eerie.acsu.Buffalo.EDU> seanhull@acsu.buffalo.edu (Sean P. Hull) writes: > I have a MAC SE, with 20Meg harddrive. It is running SAM >intercept, which catches some kinds of viruses, but not all. Recently >the harddrive became infected again, by some unknown user. Either you haven't updated your copy of SAM, or something is wrong with the way you have it configured. SAM should be able to guard against all known viruses (and in some cases, unknown ones). There is also a quite new virus out, I have heard (in RL, not on the Net), from Spain. Disinifectant 2.5 will (supposedly) be coming out in the next couple of days to handle it; presumably, SAM will handle it soon. Disclaimer: I cannot entirely vouch for the accuracy of this information; it came from somebody working with JLN, but it is at least possible he was misinformed. (No, I won't give his name--this is my post, not his. [Except, probably, to JLN, if it matters.]) Claimer: This person's information has always been reliable in the past. :-) -- /=============================================================================\ | Francis Stracke | My opinions are my own. I don't steal them.| | Department of Mathematics |=============================================| | University of Chicago | Until you stalk and overrun, | | francis@zaphod.uchicago.edu | you can't devour anyone. -- Hobbes | \=============================================================================/
jln@casbah.acns.nwu.edu (John Norstad) (02/13/91)
In article <FRANCIS.91Feb11163658@arthur.uchicago.edu> francis@uchicago.edu (Francis Stracke) writes: >There is also a quite new virus out, I have heard (in RL, not on the >Net), from Spain. Disinifectant 2.5 will (supposedly) be coming out >in the next couple of days to handle it; presumably, SAM will handle >it soon. > > Disclaimer: I cannot entirely vouch for the accuracy of this > information; it came from somebody working with JLN, but it is at > least possible he was misinformed. (No, I won't give his name--this > is my post, not his. [Except, probably, to JLN, if it matters.]) This is a FALSE ALARM! That "new" virus turned out to be ANTI-B, which is recognized by Disinfectant 2.2, 2.3, and 2.4. The confusion was because the report was sent to me in Spanish, and I had to get help from my net friends to get it translated. There are no immediate plans to release Disinfectant 2.5, and I have no knowledge of any new Mac viruses which 2.5 does not recognize. Despite his disclaimer, Mr. Stracke should have refrained from posting this rumor. In the past these kinds of rumors have caused great confusion, which is why I always refrain from saying anthing about viruses in public unless I have a copy, have analyzed it, and know for sure what I'm talking about. John Norstad Academic Computing and Network Services Northwestern University jln@casbah.acns.nwu.edu
jln@casbah.acns.nwu.edu (John Norstad) (02/13/91)
In article <3453@casbah.acns.nwu.edu> jln@casbah.acns.nwu.edu (John Norstad - that's me) writes: > There are no immediate plans to release Disinfectant 2.5, and I have no > knowledge of any new Mac viruses which 2.5 does not recognize. ^^^ Of course, I meant to say "which 2.4 does not recognize." Sorry. John Norstad Academic Computing and Network Services Northwestern University jln@casbah.acns.nwu.edu