ad info




[an error occurred while processing this directive]
CNN.com
MAIN PAGE
WORLD
ASIANOW
U.S.
LOCAL
POLITICS
WEATHER
BUSINESS
SPORTS
TECHNOLOGY
computing
personal technology
space
NATURE
ENTERTAINMENT
BOOKS
TRAVEL
FOOD
HEALTH
STYLE
IN-DEPTH

custom news
Headline News brief
daily almanac
CNN networks
CNN programs
on-air transcripts
news quiz

CNN WEB SITES:
CNN Websites
TIME INC. SITES:
MORE SERVICES:
video on demand
video archive
audio on demand
news email services
free email accounts
desktop headlines
pointcast
pagenet

DISCUSSION:
message boards
chat
feedback

SITE GUIDES:
help
contents
search

FASTER ACCESS:
europe
japan

WEB SERVICES:
COMPUTING

Hackers - Insurgency on the Internet
Main Page | Bracing for Cyberwar | Hacking Primer | Scenes from the 'Hacker Underground' | Hacking: Two Viewpoints | Timeline | Gallery | News Archive | Discussion | Related Sites

From...
PC World

Back Orifice 2000 under control

ALSO:
The evil and traumatic side of Windows NT

July 15, 1999
Web posted at: 9:35 a.m. EDT (1335 GMT)

by David Needle

(IDG) -- "We have it under control." That was the message from antivirus vendors responding to Back Orifice 2000, the new Trojan horse.

"There is no panic. It hasn't been out there long enough, and we don't anticipate it's going to be a problem for our customers," said Darren Kessner, a senior virus researcher at Symantec's antivirus research center.

When BO2K, as the program is also known, was released last Saturday, Symantec put a team of engineers and others to analyze the virus. They developed a fix by Sunday morning. Competitors such as Network Associates and smaller players such as Moosoft Development also responded quickly with antidotes to the BO2K, which are available at each company's Website.

Danger still looms

While there are a range of preventable options and fixes in place, BO2K can pose a serious threat if undetected. The program is usually distributed as an attachment via e-mail. The attachment could be named something innocuous such as joke.exe. But when executed, BO2K turns control of the desktop system over to a remote user who can view, delete, or change files.

BO2K was released last Saturday at the DefCon VII computer show in Las Vegas. Because the source code for BO2K was released publicly, security experts are also concerned more pernicious variations of the virus may inevitably be developed.
MORE COMPUTING INTELLIGENCE
IDG.net IDG.net home page
PC World home page
FileWorld find free software fast
Make your PC work harder with these tips
Reviews & in-depth info at IDG.net
* IDG.net's desktop PC page
IDG.net's portable PC page
IDG.net's Windows software page
IDG.net's personal news page
Year 2000 World
Questions about computers? Let IDG.net's editors help you
Subscribe to IDG.net's free daily newsletter for computer geniuses (& newbies)
Search IDG.net in 12 languages
News Radio
* Fusion audio primers
* Computerworld Minute

Windows NT has earned a reputation for being more secure than Microsoft's other desktop operating systems, Win 95 and 98, but is still vulnerable--as are most, if not all operating systems--to Trojan horses.

"Back Orifice 2000 is not technically a virus because it does not self-replicate or propagate," said a Network Associates advisory.

The company's antivirus emergency response team rates BO2K as a "medium" threat due to its destructive qualities, wide exposure and availability, balanced by relatively few outbreaks at customer sites and widespread advance notice of BO2K.

Protect yourself

"The most important thing users can do is to not to run attachments you aren't sure about," said Symantec's Kessner.

BO2K is "something very standard, that we've dealt with for a long time," adds Kessner. "It's no greater threat than earlier Trojan horses."

Most antivirus vendors also offer 30-day free trial versions of their software from their Website for download. The Network Associates site will also scan your system for BO2K.

But probably the most inexpensive full-blown solution comes from Moosoft, which specializes in solutions to Trojan horse programs. Moosoft's The Cleaner, Version 2.1, is available for download at $19.95, and scans for and eliminates BO2K files. The company also offers a 30-day free trial.
Hackers
  • Bracing for Cyberwar
  • Hacking Primer
  • Hacking: Two Views
  • Timeline
  • Gallery
  • Discussion
  • TIME: Counterhacking 101
  • Related Sites

  • Moosoft has identified 128 Trojan horse programs handled by The Cleaner, and claims the fastest scan engine in the industry, according to company spokesman Robert Dyke. The Cleaner scans files, drives or directories as specified by the user, though it does not operate in the background to automatically check as the more expensive programs from Symantec and Network Associates do.

    PC lock-down

    Another line of defense against BO2K is ZoneAlarm, from Zone Labs, which the company released Tuesday as a free adjunct to antivirus software for Win 95, 98, NT and 2000. ZoneAlarm prompts users for permission any time a program coming from the Internet tries to install itself on the user's PC.

    Another feature called Internet Lock prevents all applications from sending or receiving data unless authorized by the user. ZoneAlarm also includes an Automatic Lock feature that secures the PC anytime a screen saver is activated or after a specified period of inactivity.

    "While firewalls, antivirus programs, and intrusion-detection applications provide a high level of security for connected PCs, they cannot prevent a rogue program that slips by these defenses from stealing information and transmitting it over the Internet," said Zone Labs President Gregor Freund. "The ZoneAlarm Internet security utility provides an additional and crucial level of security by letting users control and monitor Internet access on a per-application basis in real time."


    SPECIAL:
    Insurgency on the Internet

    RELATED STORIES:
    New and improved Back Orifice targets Windows NT
    July 7, 1999
    FBI on offensive in 'cyber war,' raiding hackers' homes
    June 24, 1999

    RELATED IDG.net STORIES:
    Hack-a-thon demos the latest chaos
    (PC World Online)
    Companies brace for Trojan Horse
    (PC World Online)
    Hacker tool targets Windows NT
    (PC World Online)
    Hackers gather in Vegas
    (PC World Online)
    Hacker group tries to convince world its Back Orifice tool is legit
    (Network World Fusion)
    BackOrifice 2000 released with great fanfare at DefCon
    (InfoWorld Electric)
    Remedies online for Back Orifice 2000
    (IDG.net)
    Note: Pages will open in a new browser window
    External sites are not endorsed by CNN Interactive.

    RELATED SITES:
    Symantec Antivirus Research Center
    Norton Antivirus
    Network Associates
    Moosoft Development
    Zone Labs
    Note: Pages will open in a new browser window
    External sites are not endorsed by CNN Interactive.
    LATEST HEADLINES:
    SEARCH CNN.com
    Enter keyword(s) go help

    Back to the top 2001 Cable News Network. All Rights Reserved.
    Terms under which this service is provided to you.
    Read our privacy guidelines.