Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!iuvax!purdue!mentor.cc.purdue.edu!ain From: ain@mentor.cc.purdue.edu (Pat-bob White) Newsgroups: comp.sys.amiga Subject: Re: "xeno" virus Message-ID: <3633@mentor.cc.purdue.edu> Date: 11 Aug 89 18:19:39 GMT References: <21fB02Wm49np01@amdahl.uts.amdahl.com>Reply-To: ain@mentor.cc.purdue.edu (Pat-bob White) Organization: PUCC Land, USA Lines: 31 In article hubey@pilot.njin.net (Hubey) writes: >I have thought about this for a while (not the Xeno but viruses in >general) and wondered what would happen if CA (or any other interested >third party) wrote a CRC program which would contain --internally--a >table of CRC values for the most commonly run programs i.e. commands >and utilities. This program could be periodically run (or whenever a >virus was suspected) and would point out potentially corrupt programs >i.e. those whose CRC did not check out! Anyone could write a program to do that now -- if they didn't publish their CRC calculation method, then things would be safer till some virus writer found it out. Once that happened, there would be many people relying on that program to keep them safe.. making it actually easier for a virus to spread. >I am not sure how one would go about getting the >CRC for a file+CRC into the file without first knowing the CRC ?? Don't try to include the CRC in the text the CRC is calculated on.. either that or calculate a CRC for every possible CRC.. and hope two of them match :-) >I wonder if some 'modest protection' of this type can be added to >Operating Systems ???? Sounds like you want a login? Pat White ARPA/UUCP: j.cc.purdue.edu!ain BITNET: PATWHITE@PURCCVM PHONE: (317) 743-8421 U.S. Mail: 320 Brown St. apt. 406, West Lafayette, IN 47906 Life is a joke.. so laugh at it :-)