They might have been referring to the separation of code & data space that
prevents buffer-overrun attacks.  From what I understand, in Unix, if you 
put executable code on the stack and manage to get the program to branch 
to that address, it will happily execute it for you.  On MPE, it recognizes
that it's data space and will refuse to execute it.  Hopefully, someone
with a more intimate knowledge can either back me up or correct me.

At any rate, this doesn't really qualify as a virus protection, but 
oftentimes all forms of attack get lumped to gether: buffer overruns, 
trojans, viruses, etc.

Dave

On Thu, Nov 30, 2006 at 02:03:10PM -0500, Reid Baxter wrote:
> Joe,
> 
> Thanks and yes we do use Vesoft Security/3000. I was looking for a more
> technically definitive answer though. I once recall seeing someone post
> (programmer perspective) a response that eluded to stacks, storage area,
> etc. based reasons that a virus could not exist within the MPE/iX OS
> architecture. Anyone recall that ? Wirt ? Stan ?
> 
> Regards,
> 
> Reid E. Baxter
> 
> 
> 
>                                                                            
>              J Dolliver                                                    
>              <[log in to unmask]                                             
>              ET>                                                        To 
>              Sent by: HP-3000          [log in to unmask]              
>              Systems                                                    cc 
>              Discussion                                                    
>              <[log in to unmask]                                     Subject 
>              TC.EDU>                   Re: [HP3000-L] MPE/iX Virus         
>                                        Vulnerability                       
>                                                                            
>              11/30/2006 01:39                                              
>              PM                                                            
>                                                                            
>                                                                            
>              Please respond to                                             
>              [log in to unmask]                                             
>                      T                                                     
>                                                                            
>                                                                            
> 
> 
> 
> 
> The short answer is->
> 
> MPE/iX was NOT a mass marketed operating system and thus NO ONE was
> interested in hacking it.
> 
> The Audit answer is ->
> 
> Modem access and making changes to the catalog.pub.sys file making the
> "expected hello" line was one of the things we did to make sure that anyone
> hunting down systems by modem would not know how the system was addressed
> for access.
> You could also add passwords to getting access to the service line to the
> HP.
> and another thing...  VeSoft Security3000 product allows you to encrypt
> passwords and you are using that as a standard tool correct ;-).
> 
> 
> 
> 
> 
> -------------- Original message from Reid Baxter
> <[log in to unmask]>: --------------
> 
> 
> > I have an auditor asking about what tools we have in our arsenal for
> > detecting viruses on the HP3000. I explained that the MPE/iX OS "does not
> 
> > lend itself to viruses", but they would like me to expand on that reply.
> > I've been searching but have not been successful in locating a
> 'technical'
> > reason for this capability. Can anyone point me in the right direction A
> > link or otherwise ? Thank you in advance.
> >
> > Regards,
> >
> > Reid E. Baxter
> >
> >
> > -----------------------------------------
> > This transmission may contain information that is privileged,
> > confidential, legally privileged, and/or exempt from disclosure
> > under applicable law. If you are not the intended recipient, you
> > are hereby notified that any disclosure, copying, distribution, or
> > use of the information contained herein (including any reliance
> > thereon) is STRICTLY PROHIBITED. Although this transmission and
> > any attachments are believed to be free of any virus or other
> > defect that might affect any computer system into which it is
> > received and opened, it is the responsibility of the recipient to
> > ensure that it is virus free and no responsibility is accepted by
> > JPMorgan Chase & Co., its subsidiaries and affiliates, as
> > applicable, for any loss or damage arising in any way from its use.
> > If you received this transmission in error, please immediately
> > contact the sender and destroy the material in its entirety,
> > whether in electronic or hard copy format. Thank you.
> >
> > * To join/leave the list, search archives, change list settings, *
> > * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
> 
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
> 
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

-- 
+-------David Oksner-----http://www.case.net/--------+
|Gerrold's Pronouncement:                            |
|  The difference between a politician and a snail is|
|that a snail leaves its slime behind.               |
[log in to unmask]

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *