Hi,
BO is a backdoor trojan, as well as at least 130 other program with the
same functions. First of all the authors, the users and the Internet
community are using the term backdoor trojan. Fore some strange reasons
they are always found on hacker or trojan sites. Not to mention hqw they
are treated by both anti virus and anti trojan software. BO and the others
can not be compaired with pcAnywhere and other program alike as there
actions are open to the users, and the trojans are not. pcAnywhere would be
a very bad hacking tool so easily spotted I must say. Or is it AT&T policy
to advice people to use BO instead of pcAnywhere?
Most trojans have not a fixed port which makes is easy for anyone who wants
to hack to use a specific port other that the default one. Today trojans
uses at least 176 different ports to communicate with infected computers.
At least 150 trojans can have there default ports changed. I all various
cases I have found BO on anyones computer they have been placed there by
others in secrecy, either using some sort of social engineering to trick
the user to install the piece of shit, or by someone with physical access
to the now hacked computer.
And of course if anyone uses a hacking tool for the purpose of finding
hackers, hacking attempts or whatever, they are still hacking tools. The
only real reason for an owner to permit BO to be installed is bacause he or
she wants to avoid attention from the superiors when they conduct illegal
or immoral acts.
The intention of the people who wrote BO and the code itself makes it a
hostile tool. And as you are obviously acting as an AT&T representative,
I�m sure going to ask you superiors if this is company policy or just wind
coming out of your mouth.
Cheers,
Joakim
>> > > Personally, I don't know what security term I would use
>> > > on Back Orifice.
>>
>> It's a backdoor.
>>
>> Matt
>>
>
>It's not that simple!
>
>You've probably seen or heard of this being used
>_as a backdoor_ but that does not _make it a backdoor_. VNC or Tivoli or
>Maestro or SMS or PC Anywhere or WinWhatWhere, etc., etc. can all be used
>_as backdoors_ but that does not _make them backdoors_. In some
>instances, bo2k can be installed surreptitiously for use _as a backdoor_.
>Being a backdoor implies that it has been installed without the system
>owner's knowledge or permission. However, bo2k can be installed with an
>owner's permission (see previous emails about the wonderful benefits of
>using bo2k for administration). In that case, it is NOT a backdoor.
>
>The generic response is, "it depends". In some situations, bo2k is a
>front door. In others, it is a back door. It is not the nature of the
>software itself that makes it one or the other but the how it was
>installed (covertly or overtly). This is a very important distinction
>that you need to make.
>
>-Jason
>
>AT&T Wireless Services
>IT Security
>UNIX Security Operations Specialist
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
