Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uflorida!gatech!gitpyr!ccasths From: ccasths@pyr.gatech.EDU (Scott Hinckley) Newsgroups: comp.sys.mac Subject: Re: Virus protection (was: Re: nVIR info) Message-ID: <6448@pyr.gatech.EDU> Date: 25 Sep 88 20:02:58 GMT References: <20200005@uxh.cso.uiuc.edu> <3716@charon.unm.edu> <541@uva.UUCP> <6443@pyr.gatech.EDU> <720@cps3xx.UUCP> Reply-To: ccasths@pyr.UUCP (Scott Hinckley) Organization: Georgia Institute of Technology Lines: 20 In article <720@cps3xx.UUCP> usenet@cps3xx.UUCP (Usenet file owner) writes: > > Unfortunately, a smart virus author could preserve the modification >date. So this wouldn't work 100% of the time. The rest of the time >it would work, but would be too much work, I think (some programs, >like WriteNow for instance, mark files as modified even if they've >only been opened). > Nice try though. I mentioned doing a checksum and a mod date check. However, the time and trouble problem still holds. +=======================================================================+ |Scott Hinckley - OCS User Assistant AKA - Galaxy's End | |Georgia Insitute of Technology, Atlanta Georgia, 30332 | |uucp: ...!gatech!pyr!ccasths USnail: 345 Peachtree Pl NW | |ARPA: ccasths@pyr.gatech.edu Atlanta, Ga. 30318 | | I reply to ALL E-Mail | +=======================================================================+