Security Basics mailing list archives
RE: Possible new virus?
From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 11 Sep 2003 09:05:32 -0700
-----Original Message----- From: Chris Berry [mailto:compjma () hotmail com]From: "David Gillett" <gillettdavid () fhda edu> Chris, please stop and think for just a moment!!!I don't have a threaded email reader so cut me a little slack. (I'm
working
on setting up a qmail system, but right now I'm stuck with hotmail) I've gone back and re-read the original message in the archives.
Consider it cut. Mine's not threaded either, but I seemed to be seeing several messages in a row from you that were all leaping ahead to assume that the fans really had stopped. I don't know that they haven't, but the people you were disagreeing with had NOT made that leap yet. I wanted to head off premature and pointless argument. I apologize if I opted for a little too blunt in the process.
..., but yeah, we need to know if the fan is really not working. Honestly though, if his motherboard is screaming at him, I'd be highly surprised if it was. Though I suppose you might be able to write a virus that accessed the speaker, I think that would still fit in the available space.
Producing a tone from the speaker in real-mode is only about a dozen lines of assembler. Making it stop after N seconds is slightly more complicated, but yeah, space is not really a problem.
(I seem to recall a family of viruses that attempted to re-flash the BIOS. Machines that were supposed to have different BIOS versions might not, after attack by such a virus....)Now that would be nasty, don't you usually have to set a jumper or
something
before doing that or do the new ones let you do it from software? I
haven't
bothered to upgrade a BIOS since about 1995, just not worth it with prices the way the are now.
Nope. You often still have to boot from a DOS floppy with the new BIOS and a flash-writing utility, but a boot sector virus gets that kind of hardware access too. I think the last time I had to touch the motherboard to install a new BIOS was about 1998 -- the new version wouldn't fit in the flash chip installed on older revs of a board we were using a lot of, and needed to be swapped for a larger capacity chip. No jumper. David Gillett --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- RE: Possible new virus?, (continued)
- RE: Possible new virus? David (Sep 10)
- RE: Possible new virus? Brian Dunbar (Sep 10)
- RE: Possible new virus? Chris Berry (Sep 10)
- RE: Possible new virus? David Gillett (Sep 11)
- Re: Possible new virus? Wirefire Systems Administrator (Sep 11)
- RE: Possible new virus? David Gillett (Sep 11)
- Re: Possible new virus? Chris Berry (Sep 10)
- Re: Possible new virus? Sebastian Schneider (Sep 11)
- Re: Possible new virus? Stephen Pedrosa Eilert (Sep 15)
- Re: Possible new virus? gregh (Sep 16)
- RE: Possible new virus? Chris Berry (Sep 11)
- RE: Possible new virus? David Gillett (Sep 11)
- Re: Possible new virus? Wirefire Systems Administrator (Sep 11)
- RE: Possible new virus? David Gillett (Sep 11)
- Re: Possible new virus? Chris Berry (Sep 11)