HPE Community
Operating System - OpenVMS
1819838 Members
2606 Online
109607 Solutions
New Discussion юеВ

VIRUS on Open VMS Systems

 
Vallentin, Manfred
Advisor

тАО05-23-2005 01:51 AM

тАО05-23-2005 01:51 AM

VIRUS on Open VMS Systems

Hello,
Can anyone tell me what kinds of virus are commonly found in OpenVMS platforms?

Is it essential to install a Virusscanning Tool on a only VMS-System without Pathworks?

Has anyone expirience with Virus on Open VMS System?

I make at time a study of Virusinfects on VMS-Systems.

mfg
Manfred
0 Kudos
Reply
8 REPLIES 8
Ian Miller.
Honored Contributor

тАО05-23-2005 03:36 AM

тАО05-23-2005 03:36 AM

Re: VIRUS on Open VMS Systems

There no viruses on VMS systems which infect VMS.

There is VSWEEP from Sophos for scanning email and file shares if the VMS system is being used to store email or files for Windows systems.

See the following announcement
http://h71000.www7.hp.com/partners/press_releases.html#sophos
____________________
Purely Personal Opinion
0 Kudos
Reply
labadie_1
Honored Contributor

тАО05-23-2005 03:52 AM

тАО05-23-2005 03:52 AM

Re: VIRUS on Open VMS Systems

Long ago there was a pseudo virus, just using the default Decnet account, which was called War Against Nuclear Killer, so the acronym was wank. The english readers may see the meaning :-)

It is funny to see on a Vms node running a Web server all the attempts to "bufffer overflow" Vms, to try root or administrator and a password...

0 Kudos
Reply
Ian Miller.
Honored Contributor

тАО05-23-2005 04:13 AM

тАО05-23-2005 04:13 AM

Re: VIRUS on Open VMS Systems

Labadie, that was a long time ago (>15 years) and is usually described as a worm. It exploited a lax default configuration.
____________________
Purely Personal Opinion
0 Kudos
Reply
labadie_1
Honored Contributor

тАО05-23-2005 04:17 AM

тАО05-23-2005 04:17 AM

Re: VIRUS on Open VMS Systems

yes Ian, it was in April 1989 it seems, see
http://www.cert.org/advisories/CA-1989-04.html

0 Kudos
Reply
Daniel Fernandez Illan
Trusted Contributor

тАО05-23-2005 05:02 AM

тАО05-23-2005 05:02 AM

Re: VIRUS on Open VMS Systems

you can found viruses on VMS system if you use VMS box as file server and it contain a infected file. VMS isn't affected but clients should be affected - obviously -.
In this case use viruses scanning tool from clients.
Saludos.
Daniel.
0 Kudos
Reply
Willem Grooters
Honored Contributor

тАО05-24-2005 01:08 AM

тАО05-24-2005 01:08 AM

Re: VIRUS on Open VMS Systems



NONE.



...Or Samba, or NFS.

NO - because of above. But the systems needs to be setup properly (in terms of basic security) ;-)

Has anyone expirience with Virus on Open VMS System?

Since there are no virusses or worms on VMS, no. But if (part of) a VMS disk is shared with vulnarable systems, it may contains affected files. These won't effect VMS.
If you want to prevent even that, indeed, use Sophos (but for non-corporate users it's too expensive)

I make at time a study of Virusinfects on VMS-Systems.

Good!
Check www.cert.org and search for the number of alerts on any system you like. The oldest INTERNAL flaw mentioned dates 1989 (wank, as mentioned before), the latest 1993 (Monitor utility, limited to versions 5.4 and before).
Most problems repotrted nowadays are in Unix (Opensource) software ported and to VMS, since the vulnerability is general and not related to the OS, and it can run (officially) on VMS, it will be mentioned. Examples are KERMIT, SSL and Apache.

Publish the results, please.

For your information: My Internet connected firewall will block everything but a few ports, and these are all passed to a VMS box, for over 2 years now. Completely transparant, it is as if it's directly connected.
In that time I have seen numerous attempts to infect my machine by attempting buffer overflow and intrusion on any opened port. The machine was never brought down due to access from the internet, just by hardware failure, power outage or planned shutdown and reboot.

Willem
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Reply
comarow
Trusted Contributor

тАО05-24-2005 01:36 AM

тАО05-24-2005 01:36 AM

Re: VIRUS on Open VMS Systems

It has been stated by Hackers that VMS is the most secure system. The operating system is protected.

One major advantage is that the kids learning computers don't know VMS.

So viruses are simply not a problem.

However, there are security issues. The new tcpip suite includes encryption so information in not in clear text.

Then there is a VALUE PAK that HP Support offers (delivered by the old Colorado Support Center) where they will do a security analysis on your system. Contact HP Support for information on this.

The most important security concern with VMS is to make sure no one can access the console. If they can get to the console, they can get onto your system. In many ways so physical security is essential.

With VMS 7.3-2 mixed case passwords were added.


There are tools that filter out viruses that can effect your PCs if you use VMS as a pop server. The VMS system can't be effected but it will check for viruses before sending them on.

But to answer your question, there are no virus scanning tools for VMS or need for them. There are security add on tools that check for things like incorrect protections on files, unused accounts, privileged accounts and such.

Finally, you can set up ACLs on critical files to know if anyone changes them.


Bob Comarow

0 Kudos
Reply
John Gillings
Honored Contributor

тАО05-24-2005 09:33 AM

тАО05-24-2005 09:33 AM

Re: VIRUS on Open VMS Systems

Manfred,

While it's true there are no recognised viruses that infect OpenVMS systems directly, it's also true that OpenVMS systems can be a VECTOR through which other systems that are vulnerable to viruses can infect each other. For example, a PC storing an infected file on a Pathworks share and passing it to other PCs.

There is a SOPHOS product which runs on OpenVMS and claims to be able to inspect files in pathworks shares, detecting any PC viruses.

Here's their spiel:
"
Can my OpenVMS system become infected with a virus?

There are currently no known viruses which infect OpenVMS systems. However, it is often useful for an OpenVMS system to scan files for viruses which infect other operating systems.

This could be the case when an OpenVMS system is used

* As a file server for Windows computers and Macs (e.g. Pathworks/Advanced Server).
* To provide an ALL-IN-1 file cabinet.
For processing email with attachments (e.g. PMDF).

In addition, Sophos Anti-Virus for OpenVMS installed as an InterCheck server for central virus reporting can provide on-access logging for client computers.
"

I have no experience with this product, nor do I have any financial interest in Sophos. This is not a recommendation, just a notification that the product exists. See www.sophos.com for more information.

A crucible of informative mistakes
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.