From: Michael Lorrey (retroman@together.net)
Date: Sat May 30 1998 - 16:53:59 MDT
Alejandro Dubrovsky wrote:
> On Fri, 29 May 1998, Michael Lorrey wrote:
>
> >
> > As far as I can tell, any time you put a CD in a drive, or any other
> > disk in a drive, the drive checks the boot sector of the drive. This is
> > how you can get a virus from an infected floppy simply by sticking the
> > disk in the drive. You do not need to 'look at it' in order to give the
> > virus a go at your system. Granted you could use a specially rigged CD
> > copying machine, but these are expensive devices, not likely to be owned
> > by the casual pirate. This cost of entry limits potential pirates to
> > those with the capital to take the risk. Thus this limits the potential
> > pirates, and eases enfocement.
> >
> the drive might read the boot sector of the disk, but it does not execute
> it. AFAIK, you cannot get a virus simply by sticking the disk in the
> drive, and even if you read data from the floppy you still cannot get the
> boot record virii (unless, of course, you execute a program on the floppy
> which contains the virus).
I have a floppy disk in hand with a benign Stealth C variant virus. In order to
get your virus protection software to go all bongo over this virus on this
floppy, all you have to do is stick it in the drive. Do nothing else. You also
do not need to be in Windows for this to happen. It does the same thing in DOS.
I have tested this myself, as I keep the floppy as a good way to safely test
antivirus software installations with real virii that do no damage.
BTW, if you want a copy of this virus, all you have to do is exchange files over
the internet with anyone on a PC at Sturm Ruger, Inc. Their entire network is
infested with it, or was the last I heard. Be sure to have your antivirus
software on when you receive it.
> The only way to get a boot sector virus,
> outside executing an executable with a virus, is to boot from a floppy, in
> which case the disk's boot sector gets loaded by the BIOS and executed.
> This is the reason why boot sector virii are almost extincts since the
> need to boot from floppy is extinct. Same as above holds for CDs.
> Reading data cannot heart, executing it does.
>
I was under the impression that the Stealth C variant virus I have on a disk is
a boot sector virus. If stealth viruses are not boot sector types, please let me
know....
-- TANSTAAFL!!! Michael Lorrey ------------------------------------------------------------ mailto:retroman@together.net Inventor of the Lorrey Drive MikeySoft: Graphic Design/Animation/Publishing/Engineering ------------------------------------------------------------ How many fnords did you see before breakfast today?
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 14:49:08 MST