On Tue, 2 Nov 1999, Matthew G. Harrigan wrote:
> Date: Tue, 2 Nov 1999 10:36:06 -0800
> From: "Matthew G. Harrigan" <[EMAIL PROTECTED]>
> To: "william.wells" <[EMAIL PROTECTED]>,
> "'Mullen, Patrick'" <[EMAIL PROTECTED]>,
> "'Michael H. Warfield'" <[EMAIL PROTECTED]>,
> Elaine -HFB- Ashton <[EMAIL PROTECTED]>
> Cc: Bill Lavalette -=- Operations NdrsNet NOC/CERT <[EMAIL PROTECTED]>,
> 'Jason Axley' <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> Subject: Re: BO2k source code
>
> > > Personally, I don't know what security term I would use
> > > on Back Orifice.
>
> It's a backdoor.
>
> Matt
>
It's not that simple!
You've probably seen or heard of this being used
_as a backdoor_ but that does not _make it a backdoor_. VNC or Tivoli or
Maestro or SMS or PC Anywhere or WinWhatWhere, etc., etc. can all be used
_as backdoors_ but that does not _make them backdoors_. In some
instances, bo2k can be installed surreptitiously for use _as a backdoor_.
Being a backdoor implies that it has been installed without the system
owner's knowledge or permission. However, bo2k can be installed with an
owner's permission (see previous emails about the wonderful benefits of
using bo2k for administration). In that case, it is NOT a backdoor.
The generic response is, "it depends". In some situations, bo2k is a
front door. In others, it is a back door. It is not the nature of the
software itself that makes it one or the other but the how it was
installed (covertly or overtly). This is a very important distinction
that you need to make.
-Jason
AT&T Wireless Services
IT Security
UNIX Security Operations Specialist
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
