

    The following alert was distributed to members of the NetWare User
    Group in Portland, Oregon.  It was also posted to the NOVUSER library
    of Novell's NetWire forum on CompuServe.


                           *** Security alert ***

    As a network administrator or corporate security officer, one of your
    more significant fears is likely to be a computer virus attack. If
    you've been through a virus attack, you probably had to cleanup
    after a single virus. That's bad enough. But suppose the attack came
    from hundreds or thousands of viruses - all at once. This is now a
    real possibility.

    An extensive collection of computer viruses is now available on
    CD-ROM for $99.95 (US dollars). It's called "The Collection: Outlaws
    from America's Wild, Wild West". The CD-ROM comes from none other
    than Mark Ludwig - one of the more controversial figures in the
    computer security industry.

    Many of those deeply concerned about security were beside themselves
    when Mark published his book "The Little Black Book of Computer
    Viruses". The book shows you how to create your own virus and gives
    you sample source code. At the time, some were calling for
    legislative remedies while others were reminding us about free
    speech.

    Now Ludwig may have gone a bit too far with his CD-ROM virus
    collection. While he tells us that the practical purpose for buying
    his CD-ROM is to be able to check out how well your virus scanner
    finds viruses (a valid point), the CD-ROM's provocative name is
    bound to stir things up. I think that above all else, Ludwig likes to
    be at the center of controversy and loves the attention.

    Armed with the CD-ROM, a disgruntled employee can now launch a
    devastating attack that could require a very costly cleanup effort -
    the kind of attack that impacts careers.

    How concerned should you be about this? This threat is very real. It
    would be a good time to review your security procedures. In the
    event you have no formal security procedures for dealing with virus
    attacks, this most significant threat should give you the incentive
    you need to investigate how to put sensible procedures in place in
    your company.

    If you have no such procedures and don't know how to begin, I've
    prepared a paper that exposes you to the issues and makes
    recommendations. You can obtain the paper by sending your
    address to my office via FAX at 1-503-636-9501 or send your address by
    CompuServe to 75410,1176.

    Good luck,
    Ed Sawicki
    Accelerated Learning Center
    President - Portland Area NetWare User Group
    Portland, Oregon.


