Actually, you're wrong. Ever heard of Embedding? You can embed a virus in
text, pictures, waves, midi files etc. So I think you would be inclined to
update your virus knowledge by visiting some hackers pages and checking out
some of the nasty little tricks that the cyberwarriors are using. E-mail
bombs are much the same as an embedded virus in that when you read it, that
starts the bomb/virus' .exe, then (if your boot section is NOT
write-protected), the virus infects the boot files and whatever else it is
told to do.
So, unless you have hard evidence that this is in FACT a hoax....a false
sense of security is all you offer other Netizens.
Sorry to burst your bubble.
Shred
----------
> From: Doug McKean <[log in to unmask]>
> To: [log in to unmask]
> Subject: Re: Virus warning
> Date: Sunday, April 06, 1997 10:31 AM
>
> This is a hoax.
> Every so often during the year these "notices" come up.
>
> Number One Way to Know a Notice is a Hoax -
>
> You cannot start a virus by opening a text file.
>
> Virus work by residing in .EXE or .COM files,
> files that control something.
>
> Number Two Way to Know a Notice is a Hoax -
>
> Viruses CANNOT physically destroy a hard drive,
> believe it or not.
>
> The only way a virus can physically destroy a hard drive
> is to rewrite the READ/WRITE cycles for the hard drive
> to some incredible amount of cycles. If this is done,
> and you sit there without any regard to the fact that
> you PC is taking 5 hours to read a 1K text file, you
> deserve to have your hard drive destroyed (dripping sarcasm).
>
> A virus that "destroys" a hard drive doesn't do anything
> to the hard drive at all. It rewrites or erases the hard
> drive driver program. This "essentially" destroys the hard
> drive to the user depending upon what's in it, but the hard
> drive "I guarantee" is physically still ok.
>
> I have had this happen to me. I had a 1.2Gb drive that
> suddenly was only 500Mb large. That should have been a
> key piece of info for me. DOS can only handle a drive
> without a driver up to, you guessed it, 500Mb. I reloaded
> the driver (yes I lost the info on my drive) and I still
> use that hard drive today. The gentleman who helped me
> chuckled at the fact that I didn't hand in my drive to
> a parts seller. He'd just take the hard drive, reload
> the driver, then sell it back to someone else.
>
> Don't be fooled into these virus notices.
>
> Anyway, here's some sites about virus's
>
> Computer Incident Advisory Capability
> http://ciac.llnl.gov/ciac/CIACHome.html
> http://ciac.llnl.gov/ciac/bulletins/
> http://ciac.llnl.gov/ciac/ToolsDOSVirus.html
> http://ciac.llnl.gov/ciac/SecurityTools.html
>
> Also the CIAC has this to say about receiving a warning -
>
> What to Do When You Receive a Warning
> =====================================
>
> Upon receiving a warning, you should examine its PGP signature
> to see that it is from a real response team or antivirus
> organization. To do so, you will need a copy of the PGP
> software and the public signature of the team that sent the
> message. The CIAC signature is available from the CIAC web
> server at:
>
> http://ciac.llnl.gov
> ************************************************************
> If there is no PGP signature, see if the warning includes
> the name of the person submitting the original warning.
> Contact that person to see if he/she really wrote the warning
> and if he/she really touched the virus. If he/she is passing
> on a rumor or if the address of the person does not exist or
> if there is any questions about theauthenticity or the warning,
> do not circulate it to others. Instead, send the warning to
> your computer security manager or incident response team and
> let them validate it. When in doubt, do not send it out to
> the world. Your computer security managers and the incident
> response teams teams have experts who try to stay current
> on viruses and their warnings.
>
> ************************************************************
> -------------------------------------------------------
> The comments and opinions stated herein are mine alone,
> and do not reflect those of my employer.
> -------------------------------------------------------
> ************************************************************
>
>
***************************************************************************
> * TechNet mail list is provided as a service by IPC using SmartList v3.05
*
>
***************************************************************************
> * To subscribe/unsubscribe send a message <to: [log in to unmask]>
*
> * with <subject: subscribe/unsubscribe> and no text in the body.
*
>
***************************************************************************
> * If you are having a problem with the IPC TechNet forum please contact
*
> * Dmitriy Sklyar at 847-509-9700 ext. 311 or email at [log in to unmask]
*
>
***************************************************************************
>
|