Forwarded From: bluesky@rcia.com
http://www.wired.com/news/news/technology/story/14272.html
ISS Chimes In on Back Orifice
Wired News Report
3:45pm 6.Aug.98.PDT
Internet Security Systems issued a security alert Thursday on how to
detect and remove the Back Orifice hacker program.
Back Orifice, created by hacker group Cult of the Dead Cow, potentially
allows malicious peeping Toms to monitor Windows 95 or 98 computers
without users' knowledge.
"Back Orifice provides an easy method for intruders to install a back door
on a compromised machine," says the alert from the security software and
consulting company.
ISS recommends using Windows' registry edit program to look for "any
services that may not have been intentionally installed on the machine. If
the length of one of these file[s] is close to 124,928 (give or take 30
bytes) then it is probably BO [Back Orifice]."
If the program is detected, ISS recommends deleting the server and
removing its registry entry, as well as backing up user data, and
reinstalling all operating systems and software on the machine.
On Tuesday, Microsoft discounted the threat posed by the program, which
was released at the DefCon hacker convention in Las Vegas last weekend.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
Received on Sat Aug 8 15:03:27 1998