Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uflorida!gatech!gitpyr!ccasths
From: ccasths@pyr.gatech.EDU (Scott Hinckley)
Newsgroups: comp.sys.mac
Subject: Re: Virus protection (was: Re: nVIR info)
Message-ID: <6448@pyr.gatech.EDU>
Date: 25 Sep 88 20:02:58 GMT
References: <20200005@uxh.cso.uiuc.edu> <3716@charon.unm.edu> <541@uva.UUCP> <6443@pyr.gatech.EDU> <720@cps3xx.UUCP>
Reply-To: ccasths@pyr.UUCP (Scott Hinckley)
Organization: Georgia Institute of Technology
Lines: 20

In article <720@cps3xx.UUCP> usenet@cps3xx.UUCP (Usenet file owner) writes:
>
>  Unfortunately, a smart virus author could preserve the modification
>date.  So this wouldn't work 100% of the time.  The rest of the time
>it would work, but would be too much work, I think (some programs,
>like WriteNow for instance, mark files as modified even if they've
>only been opened).
>  Nice try though.

I mentioned doing a checksum and a mod date check.
However, the time and trouble problem still holds.


+=======================================================================+
|Scott Hinckley - OCS User Assistant    AKA - Galaxy's End              |
|Georgia Insitute of Technology, Atlanta Georgia, 30332                 |
|uucp: ...!gatech!pyr!ccasths            USnail: 345 Peachtree Pl NW    | 
|ARPA: ccasths@pyr.gatech.edu                    Atlanta, Ga.  30318    |
|                            I reply to ALL E-Mail                      |
+=======================================================================+