Forwarded From: blueskyat_private http://www.wired.com/news/news/technology/story/14272.html ISS Chimes In on Back Orifice Wired News Report 3:45pm 6.Aug.98.PDT Internet Security Systems issued a security alert Thursday on how to detect and remove the Back Orifice hacker program. Back Orifice, created by hacker group Cult of the Dead Cow, potentially allows malicious peeping Toms to monitor Windows 95 or 98 computers without users' knowledge. "Back Orifice provides an easy method for intruders to install a back door on a compromised machine," says the alert from the security software and consulting company. ISS recommends using Windows' registry edit program to look for "any services that may not have been intentionally installed on the machine. If the length of one of these file[s] is close to 124,928 (give or take 30 bytes) then it is probably BO [Back Orifice]." If the program is detected, ISS recommends deleting the server and removing its registry entry, as well as backing up user data, and reinstalling all operating systems and software on the machine. On Tuesday, Microsoft discounted the threat posed by the program, which was released at the DefCon hacker convention in Las Vegas last weekend. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:41 PDT