Is Back Orfice REALLY a treat?
How much of a threat is Back Orifice to you?
Not much really, if you are careful and DO NOT do anything stupi...excuse
me- silly like using IE with ActiveX enabled and d/ling and running
unknown .exes. Simple as that, really.
Let's start with
The DefCon convention, where Back Orifice was first introduced to the unsuspecting public.
Fittingly, the DefCon is held in Las Vegas, the city known as the
biggest bullshit heap on Earth. BO was first introduced in 1998, then in
1999, it was made open souce, which mean
now instead of one version ofBO we have hundred diffones. Of-course,
DefCon has a site you can visit, too.
You can visit
CultofTheDeadCow site yourself and bask in their adolecent
humor or you can instead read
AntiOnline's coverage of BO which will put all your fears to rest.
Turns out the CotDC is MORE interested in selling T-shirts than
providing any actual info on how BO works. Yeah, these guyz are SCARY.
FAQ on BO by Helping handFirst thing about
Back Orifice the patches for BO are designed to check for any
information being transmited from PORT 31337( wich is it's default port, IF
IT hasn't been reconfigured , I'm sure they are still working on this problem )
Reconfigureing Back Orifice:I can take boserve.exe, change which port to use,
from 31337 to 1234. I can rename it to win32.DLL and it will still run on
startup as an .EXE file. Even the name for the registration filecan be
changed ( try figuring out wich to dellete, win32 or is it win_32 ).
And
if you think this is still a joke, Well I just hope your tickled...
Find out for your you self
To those that don't believe that Back Orifice
can't do any damage....think harder. First, No you don't have to click on
the Server program to install it on your computer. (If you are running MS
internet exploiter and Active-X) your browser can install it for you. There
are two parts to the software Client/Server. I my self, have taken in the
time to learn how touse it.. It allows a DOMAIN search (255.255.255.*) to
find people who have it installed on therecomputer.once it is found, It
allows you to see passwords, spawn processes, and It can be used as a
HTTP server to run on your computer, just set up on a PORT...Then just go to
net scape, type thereIP:PORT and BAM you in( 255.255.255.255:1234 )
any questions so far....tough, go do your homework on the subject.I
can even take a picture of your screen (what your looking at, save it as
c:screen.bmp....then go through Netscape and download it via the HTTP server
I have just spawned on your computer through the GUI part of BO.....
(yes it requires a little knowledge of networks) If you don't believe me..
(frankly I don't care, I'll just see your computer later)....I
would sugestdownloading a copy just to see how it works....if nothing else
just to see what it can do..Just because you don't have the knowledge to do
something, Doesn't mean it can't be done.....QUOTE from: Thomas Edison.
So what did we learn from the above article, besides the fact the writer is
an awful speller(like I should talk, he-he). Well if you paid attention,
you'd have noticed he said BO scans domans for people who have installed it...
Aha!..So that means if you re stu...sorry, silly enough to install it, it
will act as a beacon on the net advertising itself...So DO NOT even think of
installing it.
Instead, read the following links for more info on BO.
Dr.Benson has a good back orifice detecting program available at:
BoDetect
and even more information at:
bodetectEverybody should test their machine.
for Notes on Bo read the Tech notes on Back Orifice
To: All people ..curious about Back Orifice (BO)Here is some reading material:
Want to remove it:boelimdl
note* as usual this page
is a work of progress; I work and add links here whenI have the time; Info, links,
Toolz on how to fight BO are ALWASY welcome.
last
word-use your head and do not d/l or use suspitious freeware or shareware.THaaat-s-s-s-s ALL f-folks!