Printer Friendly

A headache for the host.


CERTAIN COMPUTER SOFTWARE packages now contain methods for keeping hackers out of the personal computer (PC) domain or at least detecting infiltrations and removing them before any harm is done. Because of these software packages and because few PC systems have been infiltrated in the last six years, many persons in the computer industry feel the PC environment has been made safe from data infection.

While this theory might be true, another threat poses a greater risk to the business community than PC attacks. That threat is a virus that attacks host systems. Many data security people cringe at the thought of trying to control the PC environment, but most feel confident about the safety of host systems. After all, it is difficult to gain access to a host that has a security package like RACF, TopSecret, or ACF2. In fact, a recent Coopers & Lybrand seminar held in Minneapolis turned up only one such attack on a host system after a three-year study - and that program was detected and defused before it caused any serious damage. Such reports have helped herald mainframes as being safe from viral attack.

In reality, hosts are becoming ever more susceptible to viral attack because of a new protocol in data processing - file transfer from PC to host. The standard operating procedure for file transfer is to have the user manipulate the data on a PC. When the data is ready for processing, the file is transferred to the host, processed, and then returned to the PC.

That process is a new arena for software. File transfer protocols allow the PC user and the mainframe user to interact with each other - to share data and resources. These protocols move data from PC to host, host to host, or host to PC quickly and easily.

A thorn in the side of the software industry has been the advent of public domain software. Such software is considered public because it is free to anyone who wants to load it into a PC. In the past, these software packages have been available through PC network bulletin boards and private data reproduction services.

Recently, however, a new type of public domain software has been developed - software designed to be loaded onto host systems. File transfer protocols are entering this sector of the software industry.

Just as public domain software creates a risk of infection on a PC, this file protocol software has a large hazard potential for host machines. Unlike other public domain packages, this software comes under the guise of a different name - "nonpublic domain" software.

Nonpublic domain protocol packages perform file transfers as effectively as other protocols on the market. They are inexpensive, and the label "nonpublic" makes them seem more acceptable. They are not considered public domain because persons who want the software must pay for reproduction and shipping costs. Because they are labeled "nonpublic" (meaning someone has applied for a copyright to the protocol), uniformed users believe them to be safe.

THE DISTURBING ASPECT OF THESE programs is that they can often be obtained through the same methods as public domain software - bulletin boards, data reproduction services, college computer science departments, and other users. In addition, subscribers are encouraged to enhance the programs, reproduce them, and pass them on to other users. The enhancements, fixes, and changes are often not thoroughly tested before being passed on to other users.

These programs are mounted on host systems and run with matching programs on the PC side of the transfer. Due to the informal method of program updates, these protocols are easy doors into host systems for unscrupulous, unauthorized users.

The reason for making these protocols so accessible and malleable is to allow an open exchange of information among users. Many creators of such software encourage users to write enhancements and expand the possibilities of the protocols. While in theory this idea might seem wonderful, that type of information sharing amounts to an invitation to manipulate the host system and alter or destroy data.

Any infection passed through non-public domain protocols could potentially damage or destroy a variety of data on the host system before being discovered and removed. In addition, that infection could just as easily be passed to the transferring PC or, a more devastating possibility, to the transferring local area network (LAN), which could infect several hundred PC files.

The nonpublic domain protocol market is a "buyer beware" situation because of the disclaimers in the software's documentation. These disclaimers place liability for any destruction, alteration, or loss on the user who installs the package. The disclaimers are always clearly marked.

On the surface, these protocols were created because the creators wished to pass along something good at a reasonable price. While the basic concept is commendable, only someone living a fairy-tale existence would discount the possibility of data destruction. While many of the original writers of these protocol packages claim security professionals are paranoid when it comes to file transfer, they still write disclaimers freeing themselves from responsibility for mishaps on the system or within the files being transferred.

The only way to be truly safe from the possibility of system or data destruction is to forbid computer users to mount such software on a host machine, LAN, or PC. If, however, final approval regarding software rests with users and they insist on using such software, consider the following suggestions for system safety:

* Always install and test the PC version of a program on an isolated PC that stores no files.

* Print a hard copy of the protocol and review it for logic bombs or time bombs.

* Mount the host tape to a test portion of the system and make sure all tests are performed after production jobs have finished in case the system crashes.

* Have a knowledgeable system programmer review the job control language in the protocol to ensure no unknowns are embedded in the job stream.

* Publish a disclaimer to all who wish to use the software, saying the company is not responsible for any system or file failure caused by the protocol.

If possible, never allow free software to be mounted on any PC, LAN, or host system. Although name-brand protocol systems cost more, they are far less expensive in the long run if they prevent system crashes and preserve data integrity. Worthwhile companies support the software they provide and guarantee, to some degree, the validity of that software once it is installed and running.

Host systems have a good safety record. That record must be maintained at all costs.

Darlene M. Tester is system security administrator at HEMAR Service Corporation of America in St. Paul, MN. She is a member of ASIS.
COPYRIGHT 1990 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1990 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:susceptibility to computer virus attack due to file-transfer protocol
Author:Tester, Darlene
Publication:Security Management
Date:Jan 1, 1990
Previous Article:A tale of two countries.
Next Article:In pursuit of the paperless workplace.

Related Articles
Virus: a strain on the system.
Beyond Virtual Vaccinations.
Security Supplement.
Bugged by viruses?
Protect Network Security Proactively.
Prevent viruses on enterprise WLANs: security gateways provide protection from within the network perimeter.
Protecting your computers from invaders: antivirus-software powerhouse Symantec offers tips for keeping viruses, worms, and Trojan horses at bay.
Defining a computer virus.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters