Subject: | |
From: | |
Reply To: | |
Date: | Sun, 06 Apr 1997 13:31:44 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
This is a hoax.
Every so often during the year these "notices" come up.
Number One Way to Know a Notice is a Hoax -
You cannot start a virus by opening a text file.
Virus work by residing in .EXE or .COM files,
files that control something.
Number Two Way to Know a Notice is a Hoax -
Viruses CANNOT physically destroy a hard drive,
believe it or not.
The only way a virus can physically destroy a hard drive
is to rewrite the READ/WRITE cycles for the hard drive
to some incredible amount of cycles. If this is done,
and you sit there without any regard to the fact that
you PC is taking 5 hours to read a 1K text file, you
deserve to have your hard drive destroyed (dripping sarcasm).
A virus that "destroys" a hard drive doesn't do anything
to the hard drive at all. It rewrites or erases the hard
drive driver program. This "essentially" destroys the hard
drive to the user depending upon what's in it, but the hard
drive "I guarantee" is physically still ok.
I have had this happen to me. I had a 1.2Gb drive that
suddenly was only 500Mb large. That should have been a
key piece of info for me. DOS can only handle a drive
without a driver up to, you guessed it, 500Mb. I reloaded
the driver (yes I lost the info on my drive) and I still
use that hard drive today. The gentleman who helped me
chuckled at the fact that I didn't hand in my drive to
a parts seller. He'd just take the hard drive, reload
the driver, then sell it back to someone else.
Don't be fooled into these virus notices.
Anyway, here's some sites about virus's
Computer Incident Advisory Capability
http://ciac.llnl.gov/ciac/CIACHome.html
http://ciac.llnl.gov/ciac/bulletins/
http://ciac.llnl.gov/ciac/ToolsDOSVirus.html
http://ciac.llnl.gov/ciac/SecurityTools.html
Also the CIAC has this to say about receiving a warning -
What to Do When You Receive a Warning
=====================================
Upon receiving a warning, you should examine its PGP signature
to see that it is from a real response team or antivirus
organization. To do so, you will need a copy of the PGP
software and the public signature of the team that sent the
message. The CIAC signature is available from the CIAC web
server at:
http://ciac.llnl.gov
************************************************************
If there is no PGP signature, see if the warning includes
the name of the person submitting the original warning.
Contact that person to see if he/she really wrote the warning
and if he/she really touched the virus. If he/she is passing
on a rumor or if the address of the person does not exist or
if there is any questions about theauthenticity or the warning,
do not circulate it to others. Instead, send the warning to
your computer security manager or incident response team and
let them validate it. When in doubt, do not send it out to
the world. Your computer security managers and the incident
response teams teams have experts who try to stay current
on viruses and their warnings.
************************************************************
-------------------------------------------------------
The comments and opinions stated herein are mine alone,
and do not reflect those of my employer.
-------------------------------------------------------
************************************************************
***************************************************************************
* TechNet mail list is provided as a service by IPC using SmartList v3.05 *
***************************************************************************
* To subscribe/unsubscribe send a message <to: [log in to unmask]> *
* with <subject: subscribe/unsubscribe> and no text in the body. *
***************************************************************************
* If you are having a problem with the IPC TechNet forum please contact *
* Dmitriy Sklyar at 847-509-9700 ext. 311 or email at [log in to unmask] *
***************************************************************************
|
|
|