HP3000-L Archives

November 2006, Week 5

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: MPE/iX Virus Vulnerability
From:
Gilles Schipper <[log in to unmask]>
Reply To:
Gilles Schipper <[log in to unmask]>
Date:
Thu, 30 Nov 2006 16:37:39 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (135 lines) 
Could it be that reason the HPe3000 is (relatively) immune to viruses 
is related to the fact that MPE is characterized by a clear 
distinction between and separation of code and data stacks ?

In many cases, viruses exploit OS's that do not have that distinction 
and are thus able to modify otherwise innocuous code to achieve their 
malicious effects.



At 02:03 PM 2006/11/30, Reid Baxter wrote:

>Joe,
>
>Thanks and yes we do use Vesoft Security/3000. I was looking for a more
>technically definitive answer though. I once recall seeing someone post
>(programmer perspective) a response that eluded to stacks, storage area,
>etc. based reasons that a virus could not exist within the MPE/iX OS
>architecture. Anyone recall that ? Wirt ? Stan ?
>
>Regards,
>
>Reid E. Baxter
>
>
>
>
>              J Dolliver
>              <[log in to unmask]
>              ET>                                                        To
>              Sent by: HP-3000          [log in to unmask]
>              Systems                                                    cc
>              Discussion
>              <[log in to unmask]                                     Subject
>              TC.EDU>                   Re: [HP3000-L] MPE/iX Virus
>                                        Vulnerability
>
>              11/30/2006 01:39
>              PM
>
>
>              Please respond to
>              [log in to unmask]
>                      T
>
>
>
>
>
>
>The short answer is->
>
>MPE/iX was NOT a mass marketed operating system and thus NO ONE was
>interested in hacking it.
>
>The Audit answer is ->
>
>Modem access and making changes to the catalog.pub.sys file making the
>"expected hello" line was one of the things we did to make sure that anyone
>hunting down systems by modem would not know how the system was addressed
>for access.
>You could also add passwords to getting access to the service line to the
>HP.
>and another thing...  VeSoft Security3000 product allows you to encrypt
>passwords and you are using that as a standard tool correct ;-).
>
>
>
>
>
>-------------- Original message from Reid Baxter
><[log in to unmask]>: --------------
>
>
> > I have an auditor asking about what tools we have in our arsenal for
> > detecting viruses on the HP3000. I explained that the MPE/iX OS "does not
>
> > lend itself to viruses", but they would like me to expand on that reply.
> > I've been searching but have not been successful in locating a
>'technical'
> > reason for this capability. Can anyone point me in the right direction A
> > link or otherwise ? Thank you in advance.
> >
> > Regards,
> >
> > Reid E. Baxter
> >
> >
> > -----------------------------------------
> > This transmission may contain information that is privileged,
> > confidential, legally privileged, and/or exempt from disclosure
> > under applicable law. If you are not the intended recipient, you
> > are hereby notified that any disclosure, copying, distribution, or
> > use of the information contained herein (including any reliance
> > thereon) is STRICTLY PROHIBITED. Although this transmission and
> > any attachments are believed to be free of any virus or other
> > defect that might affect any computer system into which it is
> > received and opened, it is the responsibility of the recipient to
> > ensure that it is virus free and no responsibility is accepted by
> > JPMorgan Chase & Co., its subsidiaries and affiliates, as
> > applicable, for any loss or damage arising in any way from its use.
> > If you received this transmission in error, please immediately
> > contact the sender and destroy the material in its entirety,
> > whether in electronic or hard copy format. Thank you.
> >
> > * To join/leave the list, search archives, change list settings, *
> > * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>* To join/leave the list, search archives, change list settings, *
>* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>* To join/leave the list, search archives, change list settings, *
>* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>
>
>
>--
>No virus found in this incoming message.
>Checked by AVG Free Edition.
>Version: 7.5.430 / Virus Database: 268.15.2/559 - Release Date: 
>2006/11/30 5:07 AM

-------------------------------------------------------------------------------------------------
Gilles Schipper
GSA Inc.
HP System Administration Specialists
300 John Street, Box 87651   Thornhill, ON Canada L3T 7R4
Voice: 905.889.3000     Fax: 905.889.3001
email:  [log in to unmask]  web: http://www.gsainc.com
-------------------------------------------------------------------------------------------------

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2