delorie.com/archives/browse.cgi   search  
Mail Archives: djgpp/2000/03/15/23:51:06

To: djgpp AT delorie DOT com
Date: Thu, 16 Mar 2000 04:02:04 0000
From: "nimrod a. abing" <synflood AT eudoramail DOT com>
Message-ID: <HBKBEHJDBPHEAAAA@shared1-mail.whowhere.com>
Mime-Version: 1.0
Cc: broeker AT acp3bf DOT physik DOT rwth-aachen DOT de
X-Sent-Mail: off
X-Mailer: MailCity Service
Subject: Re: self-mod code and DJGPP - writable code segment?
X-Sender-Ip: 208.160.246.197
Organization: QUALCOMM Eudora Web-Mail (http://www.eudoramail.com:80)
Reply-To: djgpp AT delorie DOT com

On 15 Mar 2000 16:56:31 GMT   Hans-Bernhard Broeker wrote:
>The essential thing is really security by obscurity, here, I think.
>DJGPP and RSXNTDJ compiled apps are too rare to act as the host for
>any 'successful' virus.

The info on DJGPP compiled apps (COFF image
structure, DJGPP prog structure) are not that
obscure. They can be found at delorie.com. 

COFF Specs
http://www.delorie.com/djgpp/doc/coff/

DOS exe Specs
http://www.delorie.com/djgpp/doc/exe/

And you're right, the virus author must know
his 'art' to make a virus that can 'properly'
infect a DJGPP program. The problem is, there
are still many DOS viruses out there (they
diehard2 :-), and these things don't know
about the structure of a DJGPP app. So instead
of infecting them, the virus destroys the
program, which is a bad thing if you don't
have the sources to rebuild the program.

But hey, maybe those virus authors would make
one with GPL'ed source code, eh ;-) And virus
authors don't need a big 'market share' to
make viruses. There are people who do this
kind of thing for fun. Let's just hope no one
would try making a DJGPP specific virus...

---
nimrod_a_abing

----------------
Hot Windows Tip:
----------------

How to free up at least 300 MB of hard disk 
space (as seen from the MS-DOS prompt):

C:\>deltree c:\windows
Delete directory "Windows" and all its subdirectories? [yn] y
Deleting Windows...

C:\>

(don't try this at home kids... not unless
you have Linux installation CDs)



Join 18 million Eudora users by signing up for a free Eudora Web-Mail account at http://www.eudoramail.com

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019