Re: VIRUS Alert for the LIST -- MIDRANGE-L

I totally agree, and if you read my message instead of just flaming you
will see that what I dispute is the definition of a virus. I agree that
the payload is to be feared.

On Mon, 27 Dec 1999, John Hall wrote:

> Ok now lets think about this. 
> 
> 1) If a program is NOT a virus but totally disables your system so you
> have to do a scratch install I don't think saying "Well I told you it
> wasn't a virus" will satisfy your boss.
> 
> 2) Any language that can create an object can replicate itself.  You
> would not need to go beyond CL.  I think you may be considering
> boot-sector viruses on PC's.  That is outdated.  Many PC viruses are
> being written in Word Macro or Excel Macro.  NO prior programming
> experience needed.  Replicate across a network of as400's - no problem
> any of the networking gurus on this list could think of several ways to
> do this.
> 
> 3) You mention that it would be difficult to achieve in QSYS.LIB - no
> reason to put it in there ?
> of course no problems doing that either.  
> 
> 4) I can write that virus in less than a week or Patrick Townsend will
> eat a toad !!! ;)
> 
> 
> Just Kidding of Course ... 
> 
> John Hall
> Home Sales Co.
> 
> "L. S. Russell" wrote:
> > 
> > > Would a virus be effective if it just did a one line CL that did DLTCMD
> > > ?
> > 
> > The main thing a virus, and indeed many trojans do is replicate and spread. 
>The
> > object oriented file structure of the as/400 somewhat limits most common 
>methods
> > of virus replication. So, IMHO more is required than just malicious code to
> > qualify as a virus.
> 
> 
> > 
> > > The holes that would be needed would be in the security implementation.
> > > Or to put it another way the virus would just have to hang around until
> > > someone with ALLOBJ happened to run the program.
> > 
> > This is not true I remember reading an article in Midrange Computing by 
>Wayne
> > Evans where he detailed a method by which one could programmatically adopt
> > *ALLOBJ.
> > 
> > > Your point's are valid.  But I am afraid that those situations are only
> > > delaying the inevitable not preventing it.
> > >
> > > I hesitate to go into anymore detail but after thinking about it I know
> > > it would be easy to do.
> > > I don't want to publish a handbook on how to write a virus for the 400
> > > :(
> > 
> > I think I agree with the previous message, virus writing on the 400 would 
>require
> > much more than, even advanced RPG ILE. Because, a virus requires more than 
>just
> > malicious code to be a virus.
> > 
> > What is a virus?
> > A parasitic program written intentionally to enter a computer without the 
>users
> > permission or knowledge. The word parasitic is used because a virus 
>attaches to
> > files or boot sectors and replicates itself thus continuing to spread. 
>Though
> > some virus's do little but replicate others can cause serious damage or 
>effect
> > program and system performance. A virus should never be assumed harmless 
>and left
> > on a system.
> > 
> > I would add here that a virus is self replicating, this is the very 
>definition of
> > a virus, computer or otherwise, and this would be difficult to achieve in
> > QSYS.LIB.
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: david@midrange.com
> +---
> 

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---