HP3000-L Archives

September 2001, Week 3

HP3000-L@RAVEN.UTC.EDU

From: Lars Appel <[log in to unmask]>
Reply To: Lars Appel <[log in to unmask]>
Date: Thu, 20 Sep 2001 11:45:31 +0200

Randy K wrote...

>At least these are the viruses I've seen on my HPs for the last 20+ years.
>Have you had any experiences with any others that we should be made aware
>of?

While on the subject of computer viruses... you might want to have a
careful look at your Samba/iX shares, at least those that are "guest ok"
and "write ok" like [public] in the smb.conf sample...

Why? Well, recent virus attacks like Code Red or Nimda seem to use
features of MS Outlook and bugs of MS IIS to spread themselves, but
they also use open SMB file server shares for placing their files!

I've seen files like sample.eml or desktop.nws or riched20.dll with
virus code or even .exe files that have been infected "remotely". All
on Samba/iX [public] shares (configured as "guest ok" and "write ok").
These files were sitting there, waiting for an "innocent" PC user to
double-click them (thus turning their PC or Outlook Express into yet
another weapon of the virus re-distribution/attack)...

Notice that the 3000 itself is NOT vulnerable in this context. You may
see attempted virus attacks in your Apache/iX web server logfiles and
you might see such virus files on Samba/iX shares that are not set up
as password protected or read-only, but the virus code does not run
on the 3000 itself. However, in the case of "too open" Samba shares,
the 3000 "hosts" the files just like any other Windows or compatible
SMB file server (NT, Linux, Unix, etc). You still need to protect the
Windows side carefully.

To protect shares like [public] you might find it useful to change
smb.conf to "write ok = no" or "browsable = no" to prevent infected
PCs placing their virus files there.

Lars (neither speaking for HP nor for official virus hunters here!)

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
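
An added example (not part of the original post, and not HP or Samba project code): a small Python audit that reads an smb.conf and lists the shares that are both guest-accessible and writable, the combination the post warns about. The sample configuration is constructed; the script assumes the standard Samba synonyms ("public" for "guest ok"; "writeable", "writable" and "write ok" as the inverse of "read only") and that share-level settings placed in [global] act as defaults for every share.

```python
import re

# Constructed sample smb.conf, modelled on the [public] share the post describes.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLE
; open share: guest ok + write ok
[public]
   path = /tmp/public
   guest ok = yes
   write ok = yes
[docs]
   public = yes
   read only = yes
[staff]
   Writeable = True
"""

TRUE = {"yes", "true", "1", "on"}
# Assumed Samba semantics: parameter names ignore case and whitespace.
GUEST_KEYS = {"guestok", "public"}
WRITE_KEYS = {"writeok", "writeable", "writable"}  # inverse of "read only"

def open_writable_shares(conf_text):
    """Return sorted names of shares that are guest-accessible AND writable."""
    shares, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":        # blank line or comment
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:                                   # section header, e.g. [public]
            section = m.group(1).strip().lower()
            shares.setdefault(section, {})
            continue
        if section is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        key = re.sub(r"\s+", "", key).lower()
        flag = value.strip().lower() in TRUE
        if key in GUEST_KEYS:
            shares[section]["guest"] = flag
        elif key in WRITE_KEYS:
            shares[section]["write"] = flag
        elif key == "readonly":
            shares[section]["write"] = not flag
    defaults = shares.pop("global", {})         # [global] supplies defaults
    # Samba defaults when unset anywhere: guest ok = no, read only = yes.
    eff = lambda s, k: s.get(k, defaults.get(k, False))
    return sorted(n for n, s in shares.items() if eff(s, "guest") and eff(s, "write"))

if __name__ == "__main__":
    print(open_writable_shares(SAMPLE_SMB_CONF))
```

Pass the text of a real smb.conf to `open_writable_shares()` to get the list of shares worth reviewing; line continuations and `include` directives are not followed.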
