Back Orifice - Watch Out
by Peter Doshi, email@example.com
Page updated Nov 11, 1998
You may or may not have already heard about Back Orifice.
It is the supposed cause behind the recent hacks into VSNL users'
systems. This page is here to set the record straight with the facts
so people don't panic nor take this threat too lightly.
|What is Back Orifice (BO)?
||What should you do?
||How do you remove it?
What is Back Orifice?
In the words of The Cult of the Dead Cow, its creator:
Back Orifice is a remote administration system which allows a user to
control a Win95 machine over a network using a simple console or GUI
application. On a local LAN or across the internet, BO gives its user
more control of the remote Windows system than the person at the
keyboard of that machine.
In our words, BO will feel like the worst thing that can happen to you.
BO is just plain BAD
You may even already have it on your system without knowing
about it. BO will let anybody do just about anything on your system. Things
like looking at your files, your registry, and even formatting your harddisk
are all possibilities with BO.
This webpage is provided not to inform you directly concerning
everything about BO, but to give you a starting point with many
links, including one link for a
program which claims to get rid of BO. Note that, while many claim
to get rid of BO, many are yet untested. (see below)
What should you do?
The best thing you can do is to stay abreast of information
concerning BO. Keep watching the news
and realize that it is very dangerous due to its ability to adapt and
change. A common practice of going to
AltaVista and searching for: +"Back Orifice" will
yield current results. Currently, AltaVista finds 2021. In the next
weeks and months, we feel this will grow exponentially.
Some good pages worth bookmarking:
How do you remove it?
- The Back Orifice "Backdoor" Program
- Back Orifice
- Is 'Back Orifice' a threat - - or an educational tool?
- Symantec: Info on Back Orifice and NetBus (This isn't yet confirmed to work by any ``human'' sources)
The first thing to realize is that there is no 100% unanamously accepted
cure for Back Orifice. There are only programs reported to work. There
are even programs being distributed which are BO in disguise.
Care must be taken to download a clean version of the remover, too, and
therefore we suggest that you download the program from the creator's
website, rather than any mirror.
One particularly comprehensive website
recommends two programs:
- BO Detect
- Back Orifice Eliminator
Watch out for a program called BO Sniffer - it's BO in disguise!
Directions for installing BO Detect:
Please note that this is NOT our program and is NOT freeware. It is free for individual use.
Anything other than that, and you will need to pay for it. Contact the author of this program for
more information. Read order.txt
- Download the following 10 files and put them all in the same place. For instance, make a folder called BODetect
on your desktop (C:\Windows\Desktop\BoDetect\) and save the files in there. They need to be kept together
for the installation to work correctly.
Experienced users: To save time download a zipped file of all the above: BoDetect_StandAlone.zip
- Next, close your web browser and go into the folder where you downloaded the files and run BoDetect.exe.
Doing so will install the program and get rid of Back Orifice from your computer.
- Your computer should not be infected anymore. Contact us if you encounter any problems.