---- A LETTER FROM THE COMPUTER SYSTEMS LABORATORY -------
                        MAY 1992

COMPUTER VIRUSES:  WHAT CAN USERS DO TO PROTECT THEIR COMPUTER
SYSTEMS
Although computer viruses have been around for a long time, the
widely publicized Michelangelo and Friday the 13th viruses, which
threatened computers worldwide this past March, refocused
attention on the problem of computer viruses.  Fortunately,
intense media coverage coupled with the use of anti-viral
software limited the loss of data and information to a few
isolated incidents.  

One beneficial result of these recent virus episodes is an
increased awareness among government, industry, academia, and
personal computer users of the dangers posed by computer viruses. 
Faced with the realization that viruses will continue to
proliferate in networks and systems for the foreseeable future,
users recognize the importance of taking preventive measures to
avert a virus attack or to limit its damage.  

What Can Be Done
Personal computer users can attain some degree of protection
against the threat of computer viruses by frequent and consistent
use of the following cost-effective measures:

o Back up data onto floppy disks and store them in a protected
place;

o Use only licensed copies of vendor software;

o Purchase software from known, reputable sources;

o Install only software which is clearly required;

o Minimize software sharing within the organization;

o Prohibit users from using software or disks from their home
systems;

o Use a special isolated system for downloading public-domain
software and shareware so that it may be tested by anti-viral
software prior to release for use by others;

o Use the latest anti-viral software available to test your hard
disk and floppy disks on a regular basis; 

o Do not leave a personal computer running but unattended; and

o Lock your computer with a hardware lock, if possible.  At day's
end, shut down and lock your computer, then lock your office
door.

CSL Resources Can Help

o Computer Security Bulletin Board System (BBS).  We maintain an
electronic BBS on computer security which provides a wealth of
information on viruses including publications, papers, software
reviews, and VIRUS-L, a moderated mailing list with approximately
1600 direct subscribers worldwide.  The mailing list is dedicated
to information about computer viruses on personal computers,
including Macintosh, PC, Amiga, and Apple, as well as others. 
VIRUS-L is an e-mail forum for Internet users that generally
includes useful information such as references to repositories of
anti-virus software, publications, and other items.

Accessing the BBS requires a standard ASCII terminal or personal
computer with serial communications capability.  The terminal
must be set for the following communications parameters:  modem
baud rate 2400, 1200, or 300 - dial (301) 948-5717; modem baud
rate 9600 - dial (301) 948-5140.  Data bits:  8 with no parity or
7 with even parity.  Stop bits:  1.

To access the BBS via the Internet, use the telnet command, for
example:  type 'telnet csrc.nist.gov' or 'telnet 129.6.54.11'. 
The log-in account is 'bbs'; the password is 'bbs' (lower case).

After the "CONNECT" message is displayed, the system begins a
log-in dialogue.  Use your real name when you log on.  The BBS
provides you with on-line help and various menu choices.  Virus
information can be obtained from the Files section of the board
in the Research, Resources, or Publications Directories.

A personal computer user may download any file without
restriction.  The BBS is available 24 hours a day.  Each user has
a maximum time limit of 70 minutes a day, 60 minutes on one call.

o CSL Bulletin on Computer Virus Attacks, August 1990, discusses
computer viruses and related threats and presents some effective
preventive measures.  Call CSL Publications at (301) 975-2821 for
a complimentary copy of this bulletin.

o NIST Special Publication 500-166, Computer Viruses and Related
Threats:  A Management Guide, gives general guidance for managers
of computer systems and networks on addressing the
vulnerabilities most likely to be exploited by computer viruses
and related software.  Order from the Government Printing Office,
(202) 783-3238, order number SN003-003-02955-6, price $2.50.

FEDERAL INFORMATION PROCESSING STANDARDS (FIPS) ACTIVITIES
Twelve FIPS Withdrawn
The Federal Register of March 10, 1992, announced the withdrawal
of 12 FIPS.  The Secretary of Commerce approved the withdrawal of
the FIPS because the technical specifications which they adopt
are obsolete and are no longer supported by industry.  The 12
standards dealt with information interchange by means of magnetic
tape and flexible disk cartridges.  For a copy of the Federal
Register listing the withdrawn FIPS, call our FIPS office at
(301) 975-2816.

CSL Selects Test Method and Establishes Trial Validation Service
for FIPS 160, Programming Language C
CSL selected the Perennial ANSI C Validation Suite as the test
method to be used for testing C compilers for conformance to FIPS
160, Programming Language C.  Established in January 1992, the
trial validation service will be used to verify the accuracy and
completeness of the C validation procedures.  The trial service
will continue through September 1992.

To assess the suitability of the test method and validation
procedures, we are seeking the views of industry, the public, and
local governments.  Address your written comments to:  National
Institute of Standards and Technology, Computer Systems
Laboratory, ATTN:  C Test Service, Building 225, Room A266,
Gaithersburg, MD 20899.  The comment deadline is September 30,
1992.

For more information, contact Kathryn Miles on (301) 975-3156.

Nine New Telecommunications FIPS Issued
On April 2, 1992, the Secretary of Commerce approved nine new
standards on modems for data communications use on telephone-type
circuits, to be published as FIPS 162-170.  The new family of
FIPS replaces FIPS 133, 134-1, 135, and 136 (formerly designated
Federal Standards 1005A, 1006A, 1007 and 1008).  The newly
approved standards adopt selected portions of CCITT
(International Telegraph and Telephone Consultative Committee)
modem recommendations:  V.22, V.22bis, V.26, V.26bis, V.27bis,
V.27ter, V.29, V.32, V.33, V.42, and V.42bis.

Effective September 15, 1992, the standards will facilitate
interoperability between telecommunication facilities and systems
of the federal government.  You may purchase copies of the new
FIPS, including the technical specifications, from the National
Technical Information Service (see address below).  For further
information, contact Robert M. Fenichel, National Communications
System, 701 South Court House Road, Arlington, VA 22204-2198,
telephone (301) 692-2124.

UPDATE ON NEW PUBLICATIONS

CSL publishes the results of studies, investigations, and
research.  The reports listed below may be ordered from the
following sources as indicated for each:

*Superintendent of Documents
U.S. Government Printing Office
(GPO)
Washington, DC 20402
Telephone (202) 783-3238

*National Technical Information
Service (NTIS)
5285 Port Royal Road
Springfield, VA 22161
Telephone (703) 487-4650

Guide to Schema and Schema Extensibility
By Bruce K. Rosen and Isabella des Fontaines
NIST Spec. Pub. 500-197
November 1991
SN003-003-03126-7        $2.25
Order from GPO

This guide assists users in understanding the concepts behind
databases and data dictionary schemas and schema extensibility. 
It discusses the Information Resource Dictionary System (IRDS)
standard and the use of extensible schemas in performing the
functions of information resource management (IRM) and data
administration.

Monitoring and Reporting Techniques for Error Rate and Error
Distribution in Optical Disk Systems
By Fernando L. Podio
NIST Spec. Pub. 500-198
October 1991
SN003-003-03125-9        $5.00
Order from GPO

This report constitutes the proceedings of the workshop on
Monitoring and Reporting Techniques for Error Rate and Error
Distribution in Optical Disk Systems held on August 5, 1991, in
Colorado Springs, Colorado.

The 3480 Type Tape Cartridge:  Potential Data Storage Risks, and
Care and Handling Procedures to Minimize Risks
By Mark P. Williamson
NIST Spec. Pub. 500-199
November 1991
SN003-003-03127-5        $3.50
Order from GPO

This publication summarizes reasonable procedures for the care
and handling of the 3480 type media in order to minimize
potential risks.  The report informs data managers of the
potential chemical, mechanical, and magnetic failure mechanisms
associated with the 3480 type media and presents the experiences
and recommendations of major 3480 type technology users and
manufacturers.

Development of a Testing Methodology to Predict Optical Disk Life
Expectancy Values
By Fernando L. Podio
NIST Spec. Pub. 500-200
December 1991
SN003-003-03134-8        $5.00
Order from GPO

This publication illustrates the development of a testing
methodology that can be applied to predict optical disk life
expectancy values.  The report describes test results which were
used with a mathematical prediction model to develop the testing
methodology.  Recommendations to implement a testing methodology
for life expectancy predictions are also given.

Reference Model for Frameworks of Software Engineering
Environments
Prepared Jointly by NIST and the European Computer Manufacturers
Association (ECMA)
NIST Spec. Pub. 500-201
December 1991
SN003-003-03135-6        $5.50          
Order from GPO

This document describes a reference model for software
engineering environment (SEE) frameworks.  An SEE deals with
information about the software under development, project
resources, and organization policy, standards and guidelines on
the production of software.  An SEE reference model provides a
basis for determining interfaces between environment components
in order to create consistent interface standards.

Stable Implementation Agreements for Open Systems Interconnection
Protocols, Version 5, Edition 1, December 1991
Tim Boland, Workshop Chairman
NIST Spec. Pub. 500-202
December 1991
SN903-015-00000-4   $59.00 subscription
Order from GPO

This document records stable implementation agreements on Open
System Interconnection (OSI) protocols developed by organizations
that participate in the OSI Implementors Workshop (OIW).  These
stable agreements are the basis for the Government OSI Profile
(GOSIP), for industry profiles, and for conformance tests being
developed by the Corporation for Open Systems.

Working Implementation Agreements for Open Systems
Interconnection Protocols
Tim Boland, Editor
NISTIR 4507
March 1991
PB92-126523         $43.00 paper
Order from NTIS     $19.00 microfiche

This document presents the output of the OSI Implementors
Workshop (OIW) of December 1990.

Government Network Management Profile (GNMP):  Public Review
Version of Proposed FIPS
By R. Aronoff, K. Brady, M. Chernick, J. Fox, K. Hsing, K. Mills,
and F. Nielsen
NISTIR 4651
January 1992
PB92-149871              $19.00 paper
Order from NTIS          $ 9.00 microfiche

The GNMP will be the standard reference for all federal agencies
to use when acquiring Network Management (NM) functions and
services for computer and communications systems and networks. 
This document specifies the initial proposed version of the GNMP.

On the Interchangeability of SGML and ODA
By Charles K. Nicholas and Lawrence A. Welsch
NISTIR 4681
January 1992
PB92-149830              $17.00 paper
Order from NTIS          $ 9.00 microfiche

This report describes the Standard Generalized Markup Language
(SGML) and the Office Document Architecture (ODA), two
incompatible standards for the markup and interchange of
electronic documents.  It evaluates the Office Document Language
(ODL) as a bridge between the two standards and describes a
translation program that converts SGML documents to ODA and back.

Technology Integration Workshop:  Selected Papers
Henry Tom, Editor
NISTIR 4703
October 1991
PB92-158278              $26.00 paper
Order from NTIS          $12.50 microfiche

This report contains selected summaries of technical
presentations and demonstrations given at the NIST Geographic
Information Systems (GIS) Standards Laboratory's Technology
Integration Workshop on August 23-24, 1990.

Requirements and Recommendations for STEP Conformance Testing
Sharon J. Kemmerer, Editor
NISTIR 4743
January 1992
PB92-158294              $17.00 paper
Order from NTIS          $ 9.00 microfiche

This document describes a plan to develop a Conformance Testing
Service for STEP (STandard for the Exchange of Product model
data).  The testing service is an integral part of a DoD-
sponsored project, the National PDES Testbed at NIST. 

Sample Statements of Work for Federal Computer Security Services: 
For Use In-House or Contracting Out
Dennis M. Gilbert, Project Leader
Nickilyn Lynch, Editor
NISTIR 4749
December 1991
PB92-148261              $19.00 paper
Order from NTIS          $12.50 microfiche

This document presents a set of Statements of Work (SOWs)
describing significant computer security activities.  It assists
federal agencies and government contractors in the acquisition of
computer security services by standardizing the description of
typical services available from within or outside of the
organization. 

Massively Parallel Implementation of Character Recognition
Systems
By M.D. Garris, C.L. Wilson, J.L. Blue, G.T. Candela, P. Grother,
S. Janet, and R.A. Wilkinson
NISTIR 4750
January 1992
PB92-149863              $17.00 paper
Order from NTIS          $ 9.00 microfiche

This report describes the implementation of a massively parallel
character recognition system which is designed to study the
recognition of handprinted text in a loosely constrained
environment.  The NIST handprint database is used to provide test
data for the recognition system.

UPCOMING TECHNICAL CONFERENCES
Applications Portability Profile (APP)/Open Systems Environment
(OSE) Workshop
This workshop is designed as a user's forum to discuss the latest
developments in the APP/OSE.
Dates:  May 14, 1992
        November 10, 1992
Place:  NIST, Gaithersburg, MD
Contact:  Marty Gray
(301) 975-3276
FTS 879-3276

Hypermedia Lecture Series
This lecture series provides a forum where current research on
hypertext and multimedia can be presented and discussed.
Date:   May 15, 1992, Gary Marchionini,
        "Evaluation of Hypertext"
Time:  2:00 p.m.-3:30 p.m.
Place:  NIST Green Auditorium
Contact:  Judi Moline
(301) 975-3351
FTS 879-3351

Lecture Series on High Integrity Systems
This lecture series addresses problems and solutions for
developing and operating high integrity systems.  The series
targets managers and technical staff who acquire or develop
computer software systems.
Date:  May 18, 1992 - Paul Strassmann
       Director of Defense Information           
       Department of Defense
       Corporate Information Management
       "Economic Justification of Risky Investments in
       Information Technology"
Time:  2:00 p.m. - 3:30 p.m.
Place:  NIST Red Auditorium
Contact:  Dolores Wallace
(301) 975-3340
FTS 879-3340

North American ISDN Users' Forum (NIUF)
The NIUF addresses many concerns over a broad range of Integrated
Services Digital Network (ISDN) issues and seeks to reach
consensus on ISDN Implementation Agreements.  Participants
include ISDN users, implementors, and service providers.
Dates:  June 2-5, 1992, NIST
        October 27-30, 1992, NIST
        November 16-20, 1992, Transcontinental ISDN Project 1992
Contact:  Dawn Hoffman
(301) 975-2937
FTS 879-2937

OSI Implementors Workshop (OIW)
This workshop is part of a continuing series to develop
implementation specifications from international standard design
specifications for computer network protocols.
Sponsors:  NIST and the IEEE Computer Society
Dates:  June 8-12, 1992
        September 21-25, 1992
        December 14-18, 1992
Place:  NIST, Gaithersburg, MD
Contact:  Brenda Gray
(301) 975-3664
FTS 879-3664

COMPASS '92
This conference provides a forum on issues of education in
computer science, formal methods, system certification, and
assurance of high-integrity systems.
Sponsors:  NIST, IEEE Aerospace and Electronic Systems Society,
and the IEEE National Capital Area Council
Date:  June 15-18, 1992
Place:  NIST, Gaithersburg, MD
Contact:  Laura Ippolito
(301) 975-5248
FTS 879-5248

Department of Defense Electronic Data Interchange Conference
(EDI)
This conference will provide DoD EDI participants with a forum to
present their programs, exchange ideas, and learn about DoD's
program for expanding the use of EDI.  The conference targets
military services, defense agencies, and industry.
Sponsors:  NIST and the DoD Executive Agent for EC/EDI
Dates:  June 23-26, 1992
Place:  NIST, Gaithersburg, MD
Contact:  Cheryl Blake
(703) 274-5156

15th National Computer Security Conference
The theme of this year's conference is "Information Systems
Security:  Building Blocks to the Future."  The major emphasis
will be the use of resources to provide security to networked and
distributed systems.
Sponsors:  NIST and NSA's National Computer Security Center
Dates:  October 13-16, 1992
Place:  Baltimore Convention Center, Inner Harbour, Baltimore, MD
Contacts:  Irene Gilbert (301) 975-3360
           Dennis Gilbert (301) 975-3872