Quarantine (antivirus program)
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)
|
Quarantine was an antivirus software from the early 90s that automatically isolated infected files on a computer's hard disk. Files put in quarantine were then no longer capable of infecting their hosting system.
Development and release
In December, 1988, shortly after the
The original Quarantine used Hunt's
Functionality
Quarantine
- allowed suspect files to be
- Deleted
- Moved to a quarantine area
- Flagged in a report
- Standard executables were scanned, or one could use up to twenty file matching patterns
- Twenty exclusion patterns were available
- Twenty directory paths could be included, or twenty excluded
The 1990 version also allowed
- Background processing
- Checking of executables and libraries as a file is opened
- Timing of checks, e.g. if one opened a word file, WORD and all its libraries could be checked:
- Immediately
- Every half an hour
- Once a day or every ten days, etc.
Quarantine allowed system managers to track all modifications of a selected files or file structures, hence Quarantine users also got early warnings of failing disks or disk interface cards.
Achievements
In 1990 Quarantine received the LAN Magazine, Best of Year, Security award. In that year "Quarantine" was reportedly responsible for finding the first stealth virus at the University of Toronto, when all pattern matching virus detectors had failed.
Legacy
The efforts and expenses to convert Quarantine to other platforms went unrewarded as Tripwire's 1991 copy of Quarantine for *nix was better funded and publicized than OnDisk could afford to match.
Later efforts include modularized reliability and intrusion approaches that include either SHA-1 or MD5 signatures, or both if you like. Quarantine stopped shipping in 1994.
References