[3735] in WWW Security List Archive
Re: Re : Any internet virus (fwd)
daemon@ATHENA.MIT.EDU (Tim O'Shea [tmo])
Fri Dec 6 17:16:02 1996
Date: Fri, 6 Dec 1996 14:25:29 -0500 (EST)
From: "Tim O'Shea [tmo]" <tmoshea@mailbox.syr.edu>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <199612060854.IAA27692@argon.dcs.kcl.ac.uk>
Errors-To: owner-www-security@ns2.rutgers.edu
On Fri, 6 Dec 1996, Security mailing listr �� user wrote:
> But can't you do some "interesting" things with ANSI escape sequences?, I
> know there was a lot of fuss about this in the PC world a few years ago,
> which resulted in a lot of ppl removing ANSI.SYS from the config.sys file.
This is true. Text files could be created with ANSI escape sequences such
that when a user did the following:
more < file.txt
or
type file.txt
The escape codes would be processed by ansi.sys and could redefine keys to
run commands such as 'format c:' unbeknownst to the user.
This is completely removed from transmisson of viruses through ASCII email
the ansi.sys scenario is more of a trojan. No infection capabilities.
PLEASE! Let's remove discussion of virus hoaxes from the www-security
list. To date, there is no proven way of sending a virus via a text file.
The only effect of these "HOAX" postings is to raise false fears, waste
time and system resources.
Please direct any questions or replies to me personally...
Tim
