Back Orifice is a client/server application that can gather information, perform system commands, reconfigure machines, and redirect network traffic. By executing the Back Orifice server program on a machine, a user can connect remotely to that specific IP address and perform any of the above actions. Although Back Orifice can be used as a simple monitoring tool, its main purpose is to maintain control over another machine for reconfiguration and data collection. The features of Back Orifice, combined with anonymous, and possibly malicious, control of machines makes it especially dangerous in a networked environment. The specific commands available in Back Orifice are listed later in this alert.
365bea7d8d7bca428a4eecde29a4ae3d6bb15002521201138ea6c41c0db573f7Internet Security Systems (ISS) X-Force is issuing the third of our quarterly updates on backdoors for Windows 95, 98, and NT. Because of the number of backdoors mentioned in this advisory, there is only a brief description of each backdoor's features and communications protocol. Instead, this update will focus on detection and removal information. This update contains information on DeepThroat 1, 2 and 3, NetSphere 1.30, GateCrasher 1.2, Portal of Doom, GirlFriend 1.3, HackaTack, EvilFTP, phAse Zero, ExploreZip.worm, and SubSeven. ISS X-Force would like to remind you to not run any executables you receive in e-mail, over IRC or ICQ, or via any other means of Internet-based communications.
ff83e9521ec25ffa9f30f69de23ab96c810d551861c794b421c6aef0dbb4da25
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed