CNN.com
COMPUTING

From...
Computerworld

Don't blame Back Orifice for security problems

September 29, 1999
Web posted at: 10:50 a.m. EDT (1450 GMT)

by Ann Harrison

(IDG) -- Back Orifice is a remote administration tool for Microsoft Windows and, as Bruce Schneier, chief technology officer at San Jose-based managed security services firm Counterpane Internet Security Inc. (link below), points out, "one of the coolest hacking tools ever developed."

Computerworld reporter Ann Harrison spoke with him recently about the tool, which he insists has gotten an undeservedly bad reputation.

Back Orifice 2000 (BO2K) is free, open source and available at www.bo2k.com (link below).

Q: How does BO2K work?

A: There are two parts: a client and a server. The server is installed on the target machine. The client, residing on another machine anywhere on the Internet, can now take control of the server.

This is actually a legitimate requirement. Perfectly respectable programs, like pcAnywhere or Microsoft Systems Management Server [SMS], do the same thing. They allow a network administrator to remotely troubleshoot a computer. If the server is installed on a computer without the knowledge or consent of its owner, the client can effectively "own" the victim's PC.

Q: Why has BO2K acquired a reputation as only a hacker's tool?

A: Back Orifice's difference is primarily marketing spin. Since it was written by hackers, it is evil.

That's wrong; pcAnywhere is just as much an evil hacking tool as Back Orifice.

Not only can the client perform normal administration functions on the server's computer -- upload and download files, delete files, run programs, change configurations, take control of the keyboard and mouse, see whatever is on the server's screen -- but it can also do more subversive things: reboot the computer, display arbitrary dialog boxes, turn the microphone or camera on and off, capture keystrokes and passwords. And there is an extensible plug-in language for others to write modules.

Q: How does BO2K run in stealth mode?

A: Unless the server's owner is knowledgeable (and suspicious), he will never know that Back Orifice is running on his computer.

Other remote administration tools, even SMS, also have stealth modes. Back Orifice is just better at it.

Because Back Orifice is configurable, because it can be downloaded in source form and then recompiled to look different... I doubt that all variants will ever be discovered.

BO2K's slogan is "show some control," and many will take that imperative seriously. Back Orifice will be used by lots of unethical people to do all sorts of unethical things. And that's not good.

Q: Back Orifice can't do anything until the server portion is installed on some victim's computer, right?

A: Yes. This means that the victim has to commit a security faux pas before anything else can happen. Not that this is very hard -- lots of people network their computers to the Internet without adequate protection.

Still, if the victim is sufficiently vigilant, he can never be attacked by Back Orifice.

Q: What about Microsoft?

A: One of the reasons Back Orifice is so nasty is that Microsoft doesn't design its operating systems to be secure. It never has.

In Unix, an attacker would first have to get root privileges. Not in Windows. There's no such thing as limited privileges or administrator privileges or root privileges. This might have made some sense in the age of isolated desktop computers. But on the Internet, this is absurd.

There are provisions to make Windows NT a very secure operating system, such as privilege levels in separate user accounts, file permissions and kernel object access control lists.

You have to make 300-plus security checks and modifications to Windows NT to make it secure. Microsoft refuses to ship the [operating system] in that condition.

Malicious remote administration tools are a major security risk. What Back Orifice has done is made mainstream computer users aware of the danger. There are certainly other similar tools in the hacker world -- one, called BackDoor-G, has recently been discovered -- some developed with much more sinister purposes in mind.

Microsoft responds to security threats only if they are demonstrated. Explain the threat in an academic paper and Microsoft denies it; release a hacking tool like Back Orifice and suddenly they take the vulnerability seriously.


RELATED SITES:
cDc - Cult of the Dead Cow
Counterpane Internet Security Inc.
Back Orifice 2000 (BO2K)
Microsoft Corp.