Joakim,
Before you get the wrong idea, I _do not_ speak for my company and these
are my personal opinions. Despite my comments below, I would probably not
recommend using BO to most organizations, just because there is a negative
perception of the program.
Comments imbedded:
>Hi,
>BO is a backdoor trojan, as well as at least 130 other program with the
>same functions. First of all the authors, the users and the Internet
>community are using the term backdoor trojan.
Actually, the cDc calls BO2k a "remote administration tool", not a
'backdoor trojan'. By definition, BO cannot be a trojan in and of itself
because its functionality is known. A front-end program that secretly
installed BO _would_ be a trojan, but that is not the same thing. If
anything, BO is a 'back door', like some other remote control apps.
The cDc has talked about suing anti-virus software makers that target their
application because in almost all
respects the same functionality exists in several other products. They
have gone to lengths to compare
it to SMS, which can also be installed in "stealth" mode, as can other
products.
In any case, many terms in "common" use are not correct, so I would not use
that as proof of anything. For example, the term "hacker"has been used for
years as "someone who attacks systems", although clearly that was not the
original
use of the term in computer circles.
>Fore some strange reasons
>they are always found on hacker or trojan sites. Not to mention hqw they
>are treated by both anti virus and anti trojan software.
See my comments above about cDc's reaction to antivirus software vendors.
Like it or not, they do have a point. I think most of the arguments against
BO come down to "crackers have created it and used it so I don't like BO
and I don't like cDc", which is a very common viewpoint.
>BO and the others
>can not be compaired with pcAnywhere and other program alike as there
>actions are open to the users, and the trojans are not.
Not sure what you mean by "actions are open to the users". I don't know
about PCanywhere, but SMS can be installed
in stealth mode so that users don't know its there. I'm sure other
products have similar functionality.
> pcAnywhere would be
>avery bad hacking tool so easily spotted I must say. Or is it AT&T policy
>to advice people to use BO instead of pcAnywhere?
>Most trojans have not a fixed port which makes is easy for anyone who wants
>to hack to use a specific port other that the default one. Today trojans
>uses at least 176 different ports to communicate with infected computers.
>At least 150 trojans can have there default ports changed.
>I all various
>cases I have found BO on anyones computer they have been placed there by
>others in secrecy, either using some sort of social engineering to trick
>the user to install the piece of shit, or by someone with physical access
>to the now hacked computer.
Which makes it understandable that you have a very negative view of BO. I
can understand why
you feel it is a "hacker tool", but just remember that tools that can be
used in various ways,
regardless of the original intent of the tool. Even DoS attack tools can
be used legitimately to test your
own systems. It's all in how the tool is used and by whom.
>And of course if anyone uses a hacking tool for the purpose of finding
>hackers, hacking attempts or whatever, they are still hacking tools. The
>only real reason for an owner to permit BO to be installed is bacause he or
>she wants to avoid attention from the superiors when they conduct illegal
>or immoral acts.
This is obviously a personal opinion that is colored by your past
experiences with BO. If you can think of a
reason why you might want to have an administrator have remote access to
your machine, then you can
think of a legitimate reason to use BO. With the exception of VNC, all
other remote control tools I'm aware of
are not free, which is one reason someone might use BO to manage their
remote machines. The big advantage that BO has over VNC is that you can
use strong encryption so that you could manage a device over an insecure
connection, as yet VNC does not encrypt sessions.
>The intention of the people who wrote BO and the code itself makes it a
>hostile tool.
The intentions of the authors are really irrelevant. A tool is what you
make of it. There's no reason that
someone could not use BO to suit their purposes. The argument that the
tool itself is hostile basically
comes down to the argument that "it can be installed and run so that the
user doesn't know about it
and they can't control it". As others have argued, there are legitimate
reasons why you might not want a user to
control the software, and even reasons why you might not want them to know
its been installed. If you have users who like to "play" with their
machines, I might not want them to know something is there so that they
can't mess around with it.
As pointed out earlier, since by definition a trojan is a program which
claims to be something it is not, if I tell you
I'm installing BO on your machine, it's not a trojan. If I'm the admin and
I purposely install BO on my users machines,
it's not a trojan. If I package a file that claims to be a game and it
instead installs BO, then that program is a trojan
by definition. BO can be classified as a 'back door', but so can several
other remote control programs.
I don't think anyone would disagree that the initial intent of the program
authors was to allow BO to be distributed
through a trojan "front-end" that allowed the 'back door' to be installed.
However, it is a powerful program that
could be used however an administrator wants. It provides a lot of
features that only commercial products have,
the source code is available and its free. So despite it's reputation, it
could be legitimately used.
It's mostly because of the history of the programs use and the group that
created it that people have a decidedly negative view of it, not anything
inherent in the tool itself.
Kent Hundley
Lucent NPS
"Speaking only for myself, not my company"
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
