On Mon, 29 Sep 2008 00:37:47 UTC, "PaulRS"
wrote:

> Just an "experiencial" answer: It is too bad that the discontinuation
> of OS/2 is now showing up in 3rd party support. On the positive side
> - I would not worry too much about OS/2 virus control - after all who
> is going to put in the work necessary for a discontinued OS. One of
> the few blessings of a discontinued OS.

The end of NVC for OS/2 was announced long ago. It was mostly unusable
at the time anyway, even the windows version is unusable, unless you
have XP (or, I would assume VISTA), and a very powerful system to run
it. I (and all of my friends, who run windows XP, or later), now use
FREE AVG. Those who use older versions of windows, use AVST!. WIth eCS
(or OS/2), the answer is ClamAV. ClamAV is missing an "on demand"
scanner, but it will scan individual files, folders, or whole drives.

To assume that an eCS, or OS/2, user doesn't need some sort of virus
protection, is very dangerous. True, there are no known viruses that
affect eCS, unless you run ODIN, or use the innotek runtime, or use
WinOS2, or use e-mail, or use a web browser (or, who knows what else).
A virus is unlikely to do what it was designed to do, but that doesn't
mean that it can't cause trouble. I suspect that many unexplained
system crashes may be caused by viruses trying to do something.

The main exposure is that it is pretty easy to pass along a virus, to
some poor, unsuspecting, windows user, and they have enough problems,
without one of us causing more problems for them. It is not always
obvious, that something contains a virus, and many new viruses do
nothing obvious, at all anyway. All they do, is sit in the background,
waiting for a user to enter a user ID, and password, to their bank
account, then they send that information to someone who won't mind
using it for their own advantage. Assuming that you will spot
something like that, without help, is silly.

Anyway:

> http://free.avg.com/download-avg-ant...s-free-edition

> http://www.avast.com/

> http://web.os2power.com/yuri/ClamAV

> http://hobbes.nmsu.edu/download/pub/...ngclamavr1.zip

--
From the eComStation 2.0 RC2 of Doug Bissett
dougb007 at telus dot net
(Please make the obvious changes, to e-mail me)

In , on 09/29/2008
at 11:26 PM, "Doug Bissett" said:



>On Mon, 29 Sep 2008 00:37:47 UTC, "PaulRS" wrote:

>> Just an "experiencial" answer: It is too bad that the discontinuation
>> of OS/2 is now showing up in 3rd party support. On the positive side
>> - I would not worry too much about OS/2 virus control - after all who
>> is going to put in the work necessary for a discontinued OS. One of
>> the few blessings of a discontinued OS.

>The end of NVC for OS/2 was announced long ago. It was mostly unusable at
>the time anyway, even the windows version is unusable, unless you have
>XP (or, I would assume VISTA), and a very powerful system to run it. I
>(and all of my friends, who run windows XP, or later), now use FREE AVG.
>Those who use older versions of windows, use AVST!. WIth eCS (or OS/2),
>the answer is ClamAV. ClamAV is missing an "on demand" scanner, but it
>will scan individual files, folders, or whole drives.

>To assume that an eCS, or OS/2, user doesn't need some sort of virus
>protection, is very dangerous. True, there are no known viruses that
>affect eCS, unless you run ODIN, or use the innotek runtime, or use
>WinOS2, or use e-mail, or use a web browser


I keep seeing people say this about Odin -- but once for fun, I tried to
open a file with a windows virus. I've also done with with emails.
Nothing happened.

I really think its another case of much ado about nothing.








(or, who knows what else). A
>virus is unlikely to do what it was designed to do, but that doesn't mean
>that it can't cause trouble. I suspect that many unexplained system
>crashes may be caused by viruses trying to do something.

>The main exposure is that it is pretty easy to pass along a virus, to
>some poor, unsuspecting, windows user, and they have enough problems,
>without one of us causing more problems for them. It is not always
>obvious, that something contains a virus, and many new viruses do
>nothing obvious, at all anyway. All they do, is sit in the background,
>waiting for a user to enter a user ID, and password, to their bank
>account, then they send that information to someone who won't mind using
>it for their own advantage. Assuming that you will spot something like
>that, without help, is silly.

>Anyway:

>> http://free.avg.com/download-avg-ant...s-free-edition

>> http://www.avast.com/

>> http://web.os2power.com/yuri/ClamAV

>> http://hobbes.nmsu.edu/download/pub/...ngclamavr1.zip

On Mon, 29 Sep 2008 23:26:50 GMT, Doug Bissett wrote:

> To assume that an eCS, or OS/2, user doesn't need some sort of virus
> protection, is very dangerous. True, there are no known viruses that
> affect eCS

Kinda pointless running a virus checker then.

> unless you run ODIN, or use the innotek runtime, or use
> WinOS2, or use e-mail, or use a web browser (or, who knows what else).

So, you'll be able to give us at least 1 example of a virus that fits
each of these categories then?

> A virus is unlikely to do what it was designed to do,

How do you know that?

> but that doesn't mean that it can't cause trouble.

What sort of trouble?

> I suspect that many unexplained system crashes may be caused by
> viruses trying to do something.

You mean "This is a completely random attempt at guessing that something
might be happening based on no evidence whatsoever and trying to fit some
symtoms of something or other to some unknown problem".
Otherwise known as Bull****....

Really, what a load of unsubstantiated old waffle. Just shut up will you.

Paul Ratcliffe schrieb:
>
>> To assume that an eCS, or OS/2, user doesn't need some sort of virus
>> protection, is very dangerous.
Naaah, not really.

>> True, there are no known viruses that affect eCS
>
> Kinda pointless running a virus checker then.
ACK.

It only makes sense to check EMails/Downloads that might end on a
Windows system IMHO. For that purpose ClamAV is good enough...

>> unless you run ODIN, or use the innotek runtime, or use
>> WinOS2, or use e-mail, or use a web browser (or, who knows what else).

> So, you'll be able to give us at least 1 example of a virus that fits
> each of these categories then?

I have one, at least :-)

At the time when Odin was alive I deliberately ran a program I knew that
it was infected by a (Windows) virus. I knew that it altered several
..DLLs on a genuine Windows system. I closely monitored what it did on
Odin: It changed one Odin .DLL by appending some stuff to it. It then
tried to patch the file (to apply an activation mechanism, I guessed).

That hung the process (I'd guess that a Windows virus is probably not
really capable to deal with LX executables found on a OS/2 system).

After that Odin did not work anymore, until I replaced the .DLL the
virus had changed, with the original one.

End of story.

Kind regards,
Herwig

With no NAV updates my WSEB can no longer reliably use it as my e-mail
gateway/server for my family. My kids and wife + friends all have WinXP
and their email accounts are all on my WSEB box. With no virus checking of
incoming e-mail it will render my WSEB useless.

HarryWho wrote:
> With no NAV updates my WSEB can no longer reliably use it as my e-mail
> gateway/server for my family. My kids and wife + friends all have WinXP
> and their email accounts are all on my WSEB box. With no virus checking
> of incoming e-mail it will render my WSEB useless.
>

It would seem that ClamAV fits the bill then:

> Clam AntiVirus is a Open Source anti-virus toolkit for Unix like Operating Systems. This is made to integrate with mail servers for attachement scanning rather than to work on machines to scan resident files. It provides a flexible and scalable multi-threaded daemon, a command line scanner and a tool for automatic virus definitions update on the Internet. The virus database is kept updated and is freely downloadable. It ships with a library on which most of the programs are based. More information can be had from its site clamav.net

On Wed, 1 Oct 2008 09:40:45 UTC in comp.os.os2.misc, os2box@niclan.com.au
(HarryWho) wrote:

> With no NAV updates my WSEB can no longer reliably use it as my e-mail
> gateway/server for my family. My kids and wife + friends all have WinXP
> and their email accounts are all on my WSEB box. With no virus checking of
> incoming e-mail it will render my WSEB useless.

That's what clamav is for - at least on *ix systems, it has hooks in most mail
systems to allow for AV scanning but I have no idea if any of them have been
ported to OS/2.

--
Trevor Hemsley, Brighton, UK
Trevor dot Hemsley at ntlworld dot com

Hi, Trevor-

In article ,
Trevor.Hemsley@mytrousers.ntlworld.com says...

> That's what clamav is for - at least on *ix systems, it has hooks in most mail
> systems to allow for AV scanning but I have no idea if any of them have been
> ported to OS/2.

Using Weasel, you can easily have ClamAV set up to scan your messages.
I am not doing it currently, but if you read the Weasel documentation,
you can put it as a stage 6 filter and go from there.

FWIW, I've never, ever once used antivirus software on any of my OS/2-
eCS boxes in the 12 years I've been running OS/2. I've never needed it.

Later,
Sean

On Thu, 2 Oct 2008 03:11:45 UTC, Sean Dennis wrote:

> Using Weasel, you can easily have ClamAV set up to scan your messages.
> I am not doing it currently, but if you read the Weasel documentation,
> you can put it as a stage 6 filter and go from there.
>
> FWIW, I've never, ever once used antivirus software on any of my OS/2-
> eCS boxes in the 12 years I've been running OS/2. I've never needed it.

Nor I did. While anyone of my friends complains about virii and
malware, I keep going happily on my eCS box.

Mentore

On Tue, 30 Sep 2008 11:34:06 UTC, Paul Ratcliffe
wrote:

> Really, what a load of unsubstantiated old waffle. Just shut up will you.

Paul, if YOU want to run without some sort of virus protection, be my
guest. I will continue to advocate that ALL users, of EVERY OS, should
use virus protection, whether it would seem to be necessary, or not.
To do otherwise, is foolhardy, at best, and has the potential to be
absolutely disasterous, if you don't.

--
From the eComStation 2.0 RC2 of Doug Bissett
dougb007 at telus dot net
(Please make the obvious changes, to e-mail me)

On Thu, 02 Oct 2008 22:33:42 GMT, Doug Bissett wrote:

>> Really, what a load of unsubstantiated old waffle. Just shut up will you.
>
> Paul, if YOU want to run without some sort of virus protection, be my
> guest. I will continue to advocate that ALL users, of EVERY OS, should
> use virus protection, whether it would seem to be necessary, or not.
> To do otherwise, is foolhardy, at best, and has the potential to be
> absolutely disasterous, if you don't.

No it isn't. I note that you have sidestepped my questions and have been
unable to substantiate any of your wild claims with any hard evidence.
You have provided not one shred of anything. I think that speaks volumes,
but you've just got your head stuck up where the sun don't shine.

If you continue to spout this crap, I will continue to debunk your
valueless claims.

On 09/30/08 04:34 am, Paul Ratcliffe wrote:
> On Mon, 29 Sep 2008 23:26:50 GMT, Doug Bissett wrote:
>
>> To assume that an eCS, or OS/2, user doesn't need some sort of virus
>> protection, is very dangerous. True, there are no known viruses that
>> affect eCS

Back in Warp 3 days I had a boot sector virus that showed up in DOS
sessions.

>
> Kinda pointless running a virus checker then.
>
>> unless you run ODIN, or use the innotek runtime, or use
>> WinOS2, or use e-mail, or use a web browser (or, who knows what else).
>
> So, you'll be able to give us at least 1 example of a virus that fits
> each of these categories then?

Right now if I go to http://www.adobe.com/shockwave/welcome/ something
starts up winos2 (win32s installed) which is identified as VDM\Proxy
Browser. I haven't been able to trace it down yet. Clamav doesn't find
anything. This makes my browser nonresponsive until I kill the VDM
session twice.
A while back there also was an exploit that
a) due to a bug did not work on OS/2
b) the author hard coded cmd.exe as C:\windows\cmd.exe
Exploits like this are a real possibility now that we are using main
stream browsers.
Dave

In <0cb6ad72a285beb2dc24fe420d32181e$1@www.niclan.com. au>, on 10/01/2008
at 09:40 AM, os2box@niclan.com.au (HarryWho) said:

>With no NAV updates my WSEB can no longer reliably use it as my e-mail
>gateway/server for my family. My kids and wife + friends all have WinXP
>and their email accounts are all on my WSEB box. With no virus checking
>of incoming e-mail it will render my WSEB useless.

NAV updates are still available. The .lin files supplied for Linux are
just renamed .zip files. The .lin files don't have OS/2 specific engine
updates, but you've been running NAV without any of these for many years.
I guess you've been lucky that your windows boxes have not been attacked
by any of the threats are are invisible to the NAV virus engine.

Steven

--
--------------------------------------------------------------------------------------------
Steven Levine MR2/ICE 3.00.11.17 BETA #10183
eCS/Warp/DIY/14.103a_W4 www.scoug.com irc.ca.webbnet.info #scoug (Wed 7pm PST)
--------------------------------------------------------------------------------------------

On Fri, 3 Oct 2008 00:31:21 UTC, Paul Ratcliffe
wrote:

> On Thu, 02 Oct 2008 22:33:42 GMT, Doug Bissett wrote:
>
> >> Really, what a load of unsubstantiated old waffle. Just shut up will you.
> >
> > Paul, if YOU want to run without some sort of virus protection, be my
> > guest. I will continue to advocate that ALL users, of EVERY OS, should
> > use virus protection, whether it would seem to be necessary, or not.
> > To do otherwise, is foolhardy, at best, and has the potential to be
> > absolutely disasterous, if you don't.
>
> No it isn't. I note that you have sidestepped my questions and have been
> unable to substantiate any of your wild claims with any hard evidence.
> You have provided not one shred of anything. I think that speaks volumes,
> but you've just got your head stuck up where the sun don't shine.

That sounds, exactly, like what IBM said, years ago, when the first
virus wave hit DOS. It took IBM management about 3 months to
acknowledge that viruses existed, meanwhile, those who actually knew
something about PC software, jumped in, and built the first IBM
antivirus program, which solved the problem, at that time (and it
wasn't Microsoft who did it either, they were on IBM managements side,
and claimed viruses were impossible). I don't have the time, or the
interest, to quote specific examples of what viruses can, and will, do
to OS/2. Others are adding to this thread, describing a few things
that have happened to them. If YOU don't believe it, then YOU have
been VERY lucky that you haven't had a problem.

I have been using AV software, since the first IBM AV program became
available, and, even recently, I get the odd virus sent to me in
(usually, SPAM) e-mail. Without ClamAV (and NVC before that), I
probably wouldn't even realize that I got them. True, they never would
have done anything to an OS/2 program (other than, perhaps, cause an
abend, or a system crash), and it is very unlikely, that I would use
the files, in any way, but who knows what they could do to the windows
support (Innotek runtime, ODIN, WinOS2 etc.), if they ever got into
that stuff. I, for one, would much rather know that I have a bad file,
and immediately dispose of it, rather than depend on the OS/2
operating system to protect me from damage.

> If you continue to spout this crap, I will continue to debunk your
> valueless claims.

Say what you feel you must. It is YOU who have your head where the sun
don't shine, just like IBM management did, 20 odd years ago. It may
never actually happen, that a virus will actually operate in OS/2, but
it is all too easy to inadvertently pass one of those things to a
windows user, and I don't plan on doing that, if there is anything I
can do to reduce the possibility.

You do as you like. I look at virus protection, as cheap insurance.
You hope you never need it, but there will come a day, when you may be
thankful that you have it.

--
From the eComStation 2.0 RC2 of Doug Bissett
dougb007 at telus dot net
(Please make the obvious changes, to e-mail me)

On Fri, 3 Oct 2008 17:13:41 UTC in comp.os.os2.misc, "Doug Bissett"
wrote:

> On Fri, 3 Oct 2008 00:31:21 UTC, Paul Ratcliffe
> wrote:
>
> > On Thu, 02 Oct 2008 22:33:42 GMT, Doug Bissett wrote:
> >
> > >> Really, what a load of unsubstantiated old waffle. Just shut up will you.
> > >
> > > Paul, if YOU want to run without some sort of virus protection, be my
> > > guest. I will continue to advocate that ALL users, of EVERY OS, should
> > > use virus protection, whether it would seem to be necessary, or not.
> > > To do otherwise, is foolhardy, at best, and has the potential to be
> > > absolutely disasterous, if you don't.
> >
> > No it isn't. I note that you have sidestepped my questions and have been
> > unable to substantiate any of your wild claims with any hard evidence.
> > You have provided not one shred of anything. I think that speaks volumes,
> > but you've just got your head stuck up where the sun don't shine.
>
> That sounds, exactly, like what IBM said, years ago, when the first
> virus wave hit DOS.

The difference is that there are about 6 people in the world now with the
capability of writing such a thing for OS/2 and 5 and half of them are reading
this group and wouldn't do it anyway. The chances that any of the skript
kiddies is going to write a virus for OS/2 is slim - why would they bother with
such a thing when the total number of users they can expect to infect is
probably a number under 4 digits in length.

--
Trevor Hemsley, Brighton, UK
Trevor dot Hemsley at ntlworld dot com

Hi Dave

Dave Yeo wrote:
> On 09/30/08 04:34 am, Paul Ratcliffe wrote:
>> On Mon, 29 Sep 2008 23:26:50 GMT, Doug
>> Bissett wrote:
>>
>>> To assume that an eCS, or OS/2, user doesn't need some sort of virus
>>> protection, is very dangerous. True, there are no known viruses that
>>> affect eCS
>
> Back in Warp 3 days I had a boot sector virus that showed up in DOS
> sessions.
>
>>
>> Kinda pointless running a virus checker then.
>>
>>> unless you run ODIN, or use the innotek runtime, or use
>>> WinOS2, or use e-mail, or use a web browser (or, who knows what else).
>>
>> So, you'll be able to give us at least 1 example of a virus that fits
>> each of these categories then?
>
> Right now if I go to http://www.adobe.com/shockwave/welcome/ something
> starts up winos2 (win32s installed) which is identified as VDM\Proxy
> Browser. I haven't been able to trace it down yet.


My best guess: You have flash files (maybe *.flv) associated with
MPlayer but your system has got confused and thinks you mean mplayer.exe
included with winos2.


Clamav doesn't find
> anything.


Makes my guess a possibility :-)


This makes my browser nonresponsive until I kill the VDM
> session twice.
> A while back there also was an exploit that
> a) due to a bug did not work on OS/2
> b) the author hard coded cmd.exe as C:\windows\cmd.exe
> Exploits like this are a real possibility now that we are using main
> stream browsers.
> Dave
>
>


Silly me, I used to think Netscape was sort of mainstream... ;-)

I do agree there seem to more chances of getting win32 executables
downloaded onto your system that could be spyware/malware/whateverware.

Every now and again I have a cleanup of all the odd files that end up in
my %temp% directory. Occasionally I find a couple of unknown executable
files; clicking on them usually produces a DOS 23 error which is a good
clue that they are win32 executables. I think a recent file had a name
something like divx_update_codec.exe and another often spotted filename
is simply setup.exe

As I very rarely download anything "windows" I am guessing that these
odd files have arrived courtesy of my browser at some point without my
knowledge.

Regards

Pete

There is no OS/2 virus anywhere. Windows virus do not do anything to
OS/2. Why do you keep believing there is something to worry about?





In , on 10/03/2008
at 05:13 PM, "Doug Bissett" said:



>On Fri, 3 Oct 2008 00:31:21 UTC, Paul Ratcliffe
> wrote:

>> On Thu, 02 Oct 2008 22:33:42 GMT, Doug Bissett wrote:
>>
>> >> Really, what a load of unsubstantiated old waffle. Just shut up will you.
>> >
>> > Paul, if YOU want to run without some sort of virus protection, be my
>> > guest. I will continue to advocate that ALL users, of EVERY OS, should
>> > use virus protection, whether it would seem to be necessary, or not.
>> > To do otherwise, is foolhardy, at best, and has the potential to be
>> > absolutely disasterous, if you don't.
>>
>> No it isn't. I note that you have sidestepped my questions and have been
>> unable to substantiate any of your wild claims with any hard evidence.
>> You have provided not one shred of anything. I think that speaks volumes,
>> but you've just got your head stuck up where the sun don't shine.

>That sounds, exactly, like what IBM said, years ago, when the first
>virus wave hit DOS. It took IBM management about 3 months to acknowledge
>that viruses existed, meanwhile, those who actually knew something about
>PC software, jumped in, and built the first IBM antivirus program, which
>solved the problem, at that time (and it wasn't Microsoft who did it
>either, they were on IBM managements side, and claimed viruses were
>impossible). I don't have the time, or the interest, to quote specific
>examples of what viruses can, and will, do to OS/2. Others are adding to
>this thread, describing a few things that have happened to them. If YOU
>don't believe it, then YOU have been VERY lucky that you haven't had a
>problem.

>I have been using AV software, since the first IBM AV program became
>available, and, even recently, I get the odd virus sent to me in
>(usually, SPAM) e-mail. Without ClamAV (and NVC before that), I probably
>wouldn't even realize that I got them. True, they never would have done
>anything to an OS/2 program (other than, perhaps, cause an abend, or a
>system crash), and it is very unlikely, that I would use the files, in
>any way, but who knows what they could do to the windows support (Innotek
>runtime, ODIN, WinOS2 etc.), if they ever got into that stuff. I, for
>one, would much rather know that I have a bad file, and immediately
>dispose of it, rather than depend on the OS/2 operating system to
>protect me from damage.

>> If you continue to spout this crap, I will continue to debunk your
>> valueless claims.

>Say what you feel you must. It is YOU who have your head where the sun
>don't shine, just like IBM management did, 20 odd years ago. It may
>never actually happen, that a virus will actually operate in OS/2, but it
>is all too easy to inadvertently pass one of those things to a windows
>user, and I don't plan on doing that, if there is anything I can do to
>reduce the possibility.

>You do as you like. I look at virus protection, as cheap insurance. You
>hope you never need it, but there will come a day, when you may be
>thankful that you have it.

On 10/03/08 04:27 pm, Peter Brown wrote:
> Hi Dave
>
> Dave Yeo wrote:
[...]
>> Right now if I go to http://www.adobe.com/shockwave/welcome/ something
>> starts up winos2 (win32s installed) which is identified as VDM\Proxy
>> Browser. I haven't been able to trace it down yet.
>
>
> My best guess: You have flash files (maybe *.flv) associated with
> MPlayer but your system has got confused and thinks you mean mplayer.exe
> included with winos2.

Don't remember associating flash with MPlayer but I will check it out.
The thing is the adobe site is pretty well the only one that triggers
this activity. Other Flash sites work as expected though I don't use
Flash much due to bandwidth limits.

>
>
> Clamav doesn't find
>> anything.
>
>
> Makes my guess a possibility :-)

I'm pretty sure I've still got some examples of viruses in my mail
folder that Clamav also never found and IIRC I have a test virus (right
signature, not an executable) still. Unluckily with todays huge drives
an amazing amount of cruft builds up and I've been slack in my house
cleaning.

>
>
> This makes my browser nonresponsive until I kill the VDM
>> session twice.
>> A while back there also was an exploit that
>> a) due to a bug did not work on OS/2
>> b) the author hard coded cmd.exe as C:\windows\cmd.exe
>> Exploits like this are a real possibility now that we are using main
>> stream browsers.
>> Dave
>>
>>
>
>
> Silly me, I used to think Netscape was sort of mainstream... ;-)

Yes I guess I should of worded that better. Mainstream browsers that
crackers are bothering to write exploits for
While I remember a couple of security updates for Netscape I don't
remember ever hearing of an exploit. Also our Netscape's were different
enough (old versions with newer fixes) that general exploits were less
likely to work.

>
> I do agree there seem to more chances of getting win32 executables
> downloaded onto your system that could be spyware/malware/whateverware.
>
> Every now and again I have a cleanup of all the odd files that end up in
> my %temp% directory. Occasionally I find a couple of unknown executable
> files; clicking on them usually produces a DOS 23 error which is a good
> clue that they are win32 executables. I think a recent file had a name
> something like divx_update_codec.exe and another often spotted filename
> is simply setup.exe

Yes I've had a couple of offers for codecs I have my %TEMP% on a ram
disk so a reboot always cleans it up.
I also notice that clamav didn't clean up after itself.
>
> As I very rarely download anything "windows" I am guessing that these
> odd files have arrived courtesy of my browser at some point without my
> knowledge.
>

Yes we are like everyone else now, having to do frequent updates for
security reasons.

> Regards
>
> Pete

Dave

On Sat, 4 Oct 2008 02:09:59 UTC, TruthTeller@nospam.net wrote:

> There is no OS/2 virus anywhere. Windows virus do not do anything to
> OS/2. Why do you keep believing there is something to worry about?

The question is, is there some (theoretical) possibility that some
Windows / Mac / Linux virus might damage some OS/2 components?
Especially now that we rely so much on components like LIBC/kLIBC,
Mozilla and Odin/Innotek Runtime?

Some say yes, some say not. It's user's freedom and responsability to
choose if to use an antivirus program (and OS/2 has got at least two
of them native) or not, and take some risk.

It's such a simple question I can't understand why this is causing
these flames.

Btw, could you reply in a not-Outlook way? Thanks in advance :-)

Mentore