Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Back Orifice 2000
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Controversy == Back Orifice and Back Orifice 2000 are widely regarded as [[malware]], tools intended to be used as a combined [[rootkit]] and [[Backdoor (computing)|backdoor]]. For example, at present many [[antivirus software]] packages identify them as [[trojan horse (computing)|Trojan horses]].<ref>[https://web.archive.org/web/19991021223522/http://symantec.com/press/1999/n990712.html Symantec press release], dated 12 July 1999, accessed 8 August 2006</ref><ref>[http://www.iss.net./prReleases/pr_14513.html ISS press release]{{Dead link|date=June 2019 |bot=InternetArchiveBot |fix-attempted=yes }}, dated 13 July 1999, accessed 8 August 2006</ref><ref>[http://www.trendmicro.com/en/about/news/pr/archive/1999/pr071299.htm Trend Micro press release] {{Webarchive|url=https://web.archive.org/web/20070311035454/http://www.trendmicro.com/en/about/news/pr/archive/1999/pr071299.htm |date=2007-03-11 }}, dated 12 July 1999, accessed 8 August 2006</ref><ref>[http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=1770 CA threat description] {{Webarchive|url=https://web.archive.org/web/20070312000845/http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=1770 |date=2007-03-12 }}, dated 30 November 2005, accessed 8 August 2006</ref><ref>[http://www.f-secure.com/v-descs/bo2k.shtml F-secure threat description], accessed 8 August 2006</ref> This classification is justified by the fact that BO2k can be installed by a Trojan horse, in cases where it is used by an unauthorized user, unbeknownst to the system administrator. There are several reasons for this, including: the association with cDc; the tone of the initial product launch at DEF CON<ref>[http://www.cnn.com/TECH/computing/9907/21/badrap.idg/ CNN.com report "Bad rap for Back Orifice 2000?"], dated 21 Jul 1999, accessed 8 August 2006</ref> (including that the first distribution of BO2k by cDc was infected by the [[CIH (computer virus)|CIH]] virus<ref>[https://web.archive.org/web/20070311051432/http://news.zdnet.com/2100-9595_22-515160.html ZDNet news "Back Orifice CDs infected with CIH virus"], dated 14 July 1999, accessed 8 August 2006</ref>); the existence of tools (such as "Silk Rope"<ref>{{Cite web |url=http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR%5FORIFICE%2EADD |title=Trend Micro threat description |access-date=2020-06-21 |archive-url=https://web.archive.org/web/20021020021916/http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR_ORIFICE.ADD |archive-date=2002-10-20 |url-status=live }}</ref>) designed to add BO2k [[Dropper (malware)|dropper]] capability to self-propagating malware; and the fact that it has actually widely been used for malicious purposes.<ref>[http://seclists.org/incidents/2000/Oct/0010.html Insecure.org mailing list archive], Rik van Riel report dated 3 October 2000, accessed 8 August 2006</ref><ref>[http://www.securityfocus.com/news/11324 Security Focus "Airport PCs stuffed with meaty goodness"], dated 21 September 2005, accessed 8 August 2006</ref><ref>[http://www.microsoft.com/technet/security/alerts/info/inforat.mspx Microsoft Security Administrator article "Danger: Remote Access Trojans"], September 2002 edition, accessed 8 August 2006</ref> The most common criticism is that BO2k installs and operates silently, without warning a logged-on user that remote administration or surveillance is taking place.<ref>[http://www.schneier.com/crypto-gram-9908.html#BackOrifice2000 Bruce Schneier's Crypto-Gram Newsletter], dated 15 August 1999, accessed 8 August 2006</ref> According to the official BO2k documentation, the person running the BO2k server is not supposed to know that it is running on their computer.<ref>{{Cite web |url=http://bo2k.sourceforge.net/docs/bo2k_1_1_5/BasicTutorial.html |title=Official BO2k Documentation: Basic Setup |access-date=2007-05-10 |archive-url=https://archive.today/20120710140604/http://bo2k.sourceforge.net/docs/bo2k_1_1_5/BasicTutorial.html |archive-date=2012-07-10 |url-status=dead }}</ref> BO2k developers counter these concerns in their ''Note on Product Legitimacy and Security'', pointing out—among other things—that some remote administration tools widely recognized as legitimate also have options for silent installation and operation.<ref>{{Cite web |url=http://bo2k.sourceforge.net/docs/bo2k_legitimacy.html |title=Legitimacy |access-date=2006-08-05 |archive-url=https://web.archive.org/web/20050407210233/http://bo2k.sourceforge.net/docs/bo2k_legitimacy.html |archive-date=2005-04-07 |url-status=dead }}</ref>
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Back Orifice 2000
(section)
Add topic
