This is a collection of White Papers written on the subjects of viruses, antivirus, UNIX, computer security and CyberSoft products. If you have written a white paper on one of these subjects and would like it to appear here, please let us know. We are always looking for new material in these categories.
Product Education
Use of the Avatar and CIT tools for Centralized Distribution and Control
The VFind Security Tool Kit Professional (VSTKP) is a fully featured security and administration set of tools. It is not just an antivirus scanner. This paper assumes that you are already familiar with the primary function of the Avatar and CIT tools that are part of the VFind Security Tool Kit Professional. For those of you who are not, Avatar is an automated tool that runs without end user operation. By Peter Radatti, December 9, 2003Virscan/SafeInternetEmail Documentation
The SafeInternetEmail system (SIE), also known as VirScan, uses CyberSoft's VFind anti-virus software to scan all incoming and outgoing email for viruses, suspicious file attachments, and spam. by Richard J. Perry, May 2002 This paper is also available for download as a pdf of as a postscript file.CVDL Tutorial
CVDL is the CyberSoft Virus Description Language. It is used to define patterns for virus scanning by the VFind® Security Toolkit. The presentation here is a tutorial on using CVDL to create your own patterns. It starts with some simple examples, then presents an overview of all of the CVDL operators. By Rick Perry, September 16. 2001.Extensions to CVDL, the CyberSoft Virus Description Language
This report documents extensions made recently to the original CyberSoft Virus Description Language (CVDL), and also provides a complete summary of the current language. By Dr. Rick Perry, August 11. 2001.CVDL - CyberSoft Virus Description Language
This is a historical and technical paper on the CyberSoft Virus Description Language (CVDL) and how it performs to detect viruses in source code by providing forward reference proximity scanning. CVDL also enhances virus scanning by searching for keywords using case insensitivity and proximity testing.
Product Explantation
CyberSoft Network Traffic Interceptor Handbook
The CyberSoft Network Traffic Intercepter (NTI) is the component of the VFind Security Toolkit (VSTK) that intercepts data on Unix TCP connections and arranges for them to be validated using the virus scanning tools UAD and VFind. This enables scanning of connections both into and out of a computer and is independent of and transparent to the applications and server daemons that communicate using the supported protocols.Non-Technical Cost Justification For CyberSoft’s VSTK and VSTKP products
One of the hardest tasks for a computer security professional to do is cost justification. It is often not part of the training but it is always part of the job. This paper answers some of these questions for the VFind Security Tool Kit (VSTK) and the VFind Security Tool Kit Professional (VSTKP). By Peter Radatti, April 2002Optimal Queueing Strategies for E-mail Virus Scanning
Optimal queueing strategies are derived for an e-mail virus scanning system consisting of multiple queues of varying message size limits running in parallel. The general VirScan system is described, a queueing model is defined, and expressions are derived for the overall average time that messages spend waiting in the queues. by Richard J. Perry and Mark G. Thomas, presented at the March 2002 Conference on Information Sciences and Systems, Princeton, NJ (CISS 2002). This paper is also available as both a Postscript and a pdf file.Recommended Use of VFind on a File System
This animation visually depicts how VFind should be used on a file system.Secrets of the VFind Security Tool Kit Professional Plus
The purpose of this paper is to help our customers more fully utilize the VFind Security Tool Kit Professional Plus. As many of our customers have come to realize, it is more than just a antivirus scanner, but rather an entire security toolkit. The audio for this paper is also available as a mp3. By Peter V. Radatti, February 2000.Use of Avatar on a Honey Pot System
How to set up security for a high visibility web site using Avatar. Includes scripts and examples. By James A. Roach, Jr., May 11. 2001.Environmental Impact: Microsoft Operating Systems and the Computer Virus Threat
This paper describes how computer viruses and antivirus software are forced to operate under environmental pressure. In this case the changing environment of Microsoft operating systems from MSDOS to Windows 3.1, Win-95, Win-98, Win-NT and Windows 2000. By Joseph Wells September 9, 1999.Open Letter
CNET's September 21, 2000, review of antivirus products betrayed their readers' trust. Moreover, it did antivirus product users a major disservice. Although this review was presented as being fair and professional, the evidence demonstrates that it was neither. Signed by 20 experts in the field of Antivirus. As a side note, CyberSoft's products were not part of the review. By Joseph Wells, Warlab.Security Problems Caused By Aggregate Data Of Client/Server Connections On The Internet
This paper reveals some of the little known problems of maintaining privacy on the Internet. By Peter V. Radatti, September 1998Take on the Barbarians on the other side of the wall
This paper is the first independent product review of the VFind and CIT tools. The paper was written by Roger Harmston and appeared in the SunServer monthly magazine - September 1996 Volume 10 Number 9. Roger is with Strategic UNIX Networks Corporation in Victoria, British Columbia. He can be reached at roger.harmston@strategic.Victoria.BC.CA (work) or rogerh@dynamis.bc.ca (home).Special Attributes of the VFind Tool Kit
This paper reveals some of the special attributes of the VFind Tool Kit that our customers have used to solve problems other than anti-virus. VFind really is a complete security tool kit and has been used for many purposes.Why VFind
This paper reveals the design secrets behind the development of the world's first anti-virus program for UNIX, VFind. This is the paper the anti-virus industry didn't want published. It completely removes the mystery of anti-virus technology. If you are considering the purchase of an anti-virus product for UNIX you need to read this paper! Written in an easy to read, first person, narrative by the designer of VFind, Pete Radatti. The audio for this paper is also available as a mp3National Software Testing Laboratories CyberSoft VFind Report #1, June 1996
NSTL is an independent, well respected, software testing laboratory. They reviewed VFind Version 5 Release 1 in April, 1996. The purpose of the test was to independently verify the functionality of the product and to identify areas where CyberSoft could improve the product. The test accomplished both of these goals, demonstrating that the product fulfilled and exceeded its requirements. The NSTL report concludes, "CyberSoft's utilities are more than anti-virus utilities. .... CyberSoft's utilities are of a unique and versatile kind in the market".
Industry Relevant White Papers
Who, What, Why
Why does CyberSoft does exist and who is Peter Radatti? Who is Cybersoft, Inc.? What does CyberSoft make? Why should you care? Should you use CyberSoft Tools? The answers to these questions and more. By Peter V. Radatti, March 2001.Computer Viruses In Unix Networks
Describes various attacks (viruses, Trojan horses, worms, etc.) that can occur against UNIX systems. Although many people assume that the UNIX system is immune to attacks, this paper dispels these assumptions and demonstrates the vulnerability of the UNIX system. It also addresses the problem of UNIX as a cross platform carrier of viruses and discusses steps to be taken to prevent and monitor systems against attacks.The Plausibility of Unix Virus Attacks
An updated rebuttal to a paper published by a Scientist and includes references to like papers written on this subject. The definitive reference for anyone interested in this subject.Anti-Virus For Multimedia Publishers
A short discussion on the possibility of viruses being transmitted on media heretofore considered virus free and what publishers can do to protect themselves and their customers.Git Along, Little Virii
How To Protect Your Computer From Dastardly Attacks. By Barbara Higgins, August 8. 2001.Immunity to Worm/Virus Attacks by File Type Blocking
Sub-Title: Email and File Virus Scanning by File Type. This paper discusses the concepts involved in file type blocking, and includes examples of how to use UAD and MvFilter to scan for and block dangerous file types, including worms and macro viruses. By Peter V. Radatti, April 24, 2001.Customer Case Study Number 2
January 2001 European Based International Pharmaceutical Company. This report was written by the customer using the product. CyberSoft's only edits to the document were to remove the organization name (at their request) and improve formatting for ease of reading. "We came across VFind about four years ago while looking for a virus scanner that would work on UNIX..."Customer Case Study Number 3
January 2001 A United States Regional Government Computer Center. This report was written by the customer using the product. CyberSoft's only edits to the document were to remove the organization name (at their request) and improve formatting for ease of reading. "If it wasn't for your Cybersoft Cryptographic Integrity Tool, I would never have known that my /etc/rc* boot files were modified...."Radical New Approach to Virus Scanning
This paper describes a history of virus scanning technology and why it is wrong. It is anticipated that this paper will become the basis for dozens of other papers, feel free to quote. By Joseph Wells October 18, 1999.Field Guide to Antivirus False Alarms, May 1999
This white paper explains what an Antivirus False Alarm is and how you should deal with it. It is an appropriate white paper for all antivirus products not just products manufactured by CyberSoft, Inc.Firewall OEM Uses of CyberSoft Technology
This paper provides firewall manufactures some potential OEM uses of CyberSoft technology. Manufacturers of products other than firewalls can generalize this document to their own needs or contact CyberSoft for specific ways in which our security technology can enhance your products. This document does not list all of the products and technologies available. Call for details.The Year 2000 and Beyond
This papers discusses CyberSoft products and the year 2000 problem. CyberSoft products dated after May 1997 will continue to operate normally after the year 2000 but may have a problem in the year 2038 depending upon the system architecture.Heterogeneous Computer Viruses In A Networked Unix Environment
Discusses the dangers lurking for personal computers attached to heterogeneous networks infected with viruses from UNIX workstations. The author points out the necessity of complete protection for the work stations, server and host, or the infection will re-occur. The first paper to discuss the Typhoid Mary Syndrome.Mister Mean The Hacker
An easy to read paper on the topic of social engineering System Administrators on the Internet.The Cookie Monster
An easy to read paper on the topic of Internet Cookies and aggregate data.CyberSoft Moral Guidelines
Contains comments from CyberSoft President Peter V. Radatti and a reproduction of "Rudimentary Treatise on the Construction of Locks" by Charles Tomlinson, 1853. The reproduction is by permission of Addison-Wesley and is taken from page 144 of the book, "Firewalls and Internet Security" by William R. Cheswick and Steven M. Bellovin.
Also See: