Different types of virus detection?

Quote:

---

Originally posted here by IKnowNot
4) the right functions on first hard drive are physically limited by a key switch ( actual interrupt of the wires which control writes. This allows, when necessary, to update the OS, etc. without too much difficulty, when absolutely necessary. Could also apply to bios changes: I liked the old jumpers )

---

Quote:

---

Originally posted here by thehorse13
Yeah, there is no easy solution to this, which is why you don't have wide spread adoption today. I'm thinking that the only road home on this is to somehow integate it into the OS design. Again, no small or easy task.

---

Quote:

---

Originally posted here by Tiger Shark
Until we come up with an OS that doesn't allow outside executable code to run except in an environment where it is isolated from data then there will always be malware..... and we will always have jobs..... :cool:

---

I agree with all of these notions...

I can see that IKnowNot's particular pattern could be deployed in almost every environment to some extent... Is this something we could deploy now? From a[n?] Unix perspective I believe this could be done quite easily... I have often thought about having binaries for a locked down server on a CD or other read-only partition...

The CD to thwart those who may want to use the binaries other when doing maintenance or RO if I am using the system often and don't want the performance hit...

Quote:

---

6) periodically the anti-malware program checks the hash of the OS and itself ( which is reloaded each time executed ) that is in memory with what is on the first hard drive

7) the anti-malware program also checks hash functions of any executables on the second hard drive, which it stores in a separate swap file only writable by the anti-malware program

8) if the hash doesn't match the OS or anti-malware program, or if it detects a unwanted signature, the first swap file is deleted, the administrator and user notified.

---

As long as you're not using MD5, you should be ok. In case you haven't heard, there is now an automated tool to beat MD5 hashing. I have a thread here somewhere which gives the details so check it out. I'd rather not rehash (no pun intended) here because I want to keep the conversation on topic.

;)

For methods close to those described, check out the CIS website. They have all kinds of deployment schemes and goodies there.

--TH13

How about this, can opennes save the internet? http://freshmeat.net/articles/view/1360/

Quote:

---

Originally posted here by bAgZ
How about this, can opennes save the internet? http://freshmeat.net/articles/view/1360/

---

In a word, no. It isn't that simple ... minded.

Quote:

---

Originally posted here by bAgZ
How about this, can opennes save the internet? http://freshmeat.net/articles/view/1360/

---

Firstly, I am prejudiced from the start because there are some Cultural Assumption overtones...

Quote:

---

The government is the strongest supporter of closed source software, having committed to long-lasting delivery agreements with Microsoft...

---

Sorry which government was that?


Secondly, it simplifies the...

Quote:

---

proliferation of spam, worms, crackers, and viruses....

---

...into a "lets use open-source" bandwagon and then tacks on a "lets regulate the internet", marketing corporate networks and VPN as the method...

Say whaat? Did you pick-up the contradiction?

Al