Rafael 'Dido' Sevilla wrote:
>
> Maybe these anti-virus companies actually do make some of these
> viruses themselves, so they create a demand for their own products...
>
> Dido "The Lone Gunman" Sevilla
>
If they do, then they're even worse than script kiddies.

Ten years ago, there were about 500 viruses. Most of these were variants
of around 80 main strains.

It took a nuthead with reasonable assembly language and PC hardware
skills to even recode these pre-existing strains just to stay undetected
by the latest AV data files.

Along came the mutation engine, which produced polymorphic viruses that
encrypted each instance that it spawned. Done in C and assembly, all one
had to do was link to the library and you had your own new exe/com
munching baby.

The next generation stealth viruses used various techniques to load
before any AV software and prevent detection. The more advanced versions
could even unload McAfee's VShield.

There were already "generators" at this point. You just give a few
parameters and it would spit out a hundred or so .com or .exe files,
each with different characteristics. But you had to tweak most of these
for them to work.

This all reached a plateau in 1994, with around 5,000 viruses. Then in
1996, with the advent of winblows, new PE style executables and macro
facilities, the number of rogue software climbed to over 10,000. It
doubled again in 1998, and just last year, topped 50,000.

Now why do I say those guys could be worse than script kiddies? Because
the majority of the 50,000 to 60,000 viruses today are macro viruses.
Unlike the exe/com viruses of yesteryear, these can be produced in the
hundreds by running "generators". And one no longer needs to know
anything about the target except he/she be running that sorry excuse for
an OS.

--
Paolo
Infoweb Telecom (Global) Limited
POT: (852) 2388-1168/1053/1476 or 2625-1688 loc 127 FAX: (852) 2625-1501
7B CNT Tower, 338 Hennessy Road, Wanchai, Hong Kong, SAR, China 852
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph