Experience with Viruses on UNIX Systems.
1989; Volume: 2; Linguagem: Inglês
ISSN
0895-6340
Autores Tópico(s)Spam and Phishing Detection
ResumoExecutable frles in the Ninth Edition of the UNIX system contain small amounts of unused space, allowing small code sequences to be added to them without noticeably affecting their functional- ity. A program fragment that looks for binaries and introduces copies of itself into their slack space will transitively spread like a virus. It could, like the Trojan Horse, harbor Greeks set to attack the sys- tem when run with enough privilege. I wrote such a program (without the Greeks) and ran several informal experiments to test its charac- teristics. In one experiment, the code was planted on one of Bell Labs' computers and spread in a few days through our Datakit network to about forty machines. The virus escaped during this test onto a machine running an experimental secure UNIX sys- tem, with interesting (and frustrating for the system's developers) consequences. To fit in the small amount of space available viruses of this sort must be tiny, and consequently timid. There are ways to write similar viruses that are not space-constrained and can therefore spread more aggressively and harbor better-armed Greeks. As an
Referência(s)