Re: Virus


Bob Sutterfield (allosaur.cis.ohio-state.edu!bob@tut.cis.ohio-state.edu)
7 Nov 88 19:53:26 GMT


In article <19881104194515.0.GLR@MOSCOW-CENTRE.AI.MIT.EDU> glr@WHEATIES.AI.MIT.EDU (Jerry Roylance) writes:
>So the first step might be to (quietly) grep unix filesystems for
>some appropriate (cleartext) substrings that would appear in his
>files (ie, pieces of the infecting shell script). Anyone who owned
>such files before the infection would be suspect.

This would yield circumstantial evidence, at best.

Any information found this way would be obtained illegally, at worst,
unless you have a search warrant against a specific user's files.

Ironically enough, I recall someone else, from another subdomain of
MIT, who recently discussed MIT's refusal to run `arbitron' because it
would glean information from files in users' home directories, which
(in that installation) are considered sacred and private.
-=-
Zippy sez, --Bob
- if it GLISTENS, gobble it!!



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT