[ISN] ISS Chimes In on Back Orifice

From: mea culpa (jerichoat_private)
Date: Fri Aug 07 1998 - 15:32:33 PDT

  • Next message: mea culpa: "[ISN] Eudora Pro Security Alert"

    Forwarded From: blueskyat_private
    ISS Chimes In on Back Orifice
    Wired News Report 
    3:45pm  6.Aug.98.PDT
    Internet Security Systems issued a security alert Thursday on how to
    detect and remove the Back Orifice hacker program.
    Back Orifice, created by hacker group Cult of the Dead Cow, potentially
    allows malicious peeping Toms to monitor Windows 95 or 98 computers
    without users' knowledge.
    "Back Orifice provides an easy method for intruders to install a back door
    on a compromised machine," says the alert from the security software and
    consulting company.
    ISS recommends using Windows' registry edit program to look for "any
    services that may not have been intentionally installed on the machine. If
    the length of one of these file[s] is close to 124,928 (give or take 30
    bytes) then it is probably BO [Back Orifice]." 
    If the program is detected, ISS recommends deleting the server and
    removing its registry entry, as well as backing up user data, and
    reinstalling all operating systems and software on the machine.
    On Tuesday, Microsoft discounted the threat posed by the program, which
    was released at the DefCon hacker convention in Las Vegas last weekend. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:41 PDT