Jan Whitaker
JLWhitaker Associates \--------/ - jwhit@primenet.com
Edu/Comm Technology Consultant ---/ - Video and Internet Specialities
Melbourne, VIC, Australia \----/ - http://www.primenet.com/~jwhit/
---------------------------------------------------------------------
Business and Professional Women Melbourne Club: http://www.bpw.asn.au
Board member: Electronic Frontiers Australia: http://www.efa.org.au
---------- Forwarded message ----------
Date: Wed, 30 Sep 1998 22:59:36 +1000
From: "Eric J. Yeomans" <ericyeo@mentor.apana.org.au>
Reply-To: 17group discussion list <17group@list.to>
To: Jan Whitaker <jwhit@primenet.com>
Subject: [17group] Beware the back door
FYI
Beware of the worst Net 'nasty'
By GARTH MONTGOMERY
29sep98
LEADING ISPs have issued warnings about a remote-administration tool
that is being described as "the nastiest and most dangerous" ever seen
on the Internet.
Melbourne-based Internet provider Connect has posted warnings on its
home page about the software, called BackOrifice.
The warnings have been sparked by an unofficial tip from a Monash
University engineering student that BackOrifice was being used against
Australians.
The freeware can be used to intercept users' names and passwords as
they log onto the Net.
BackOrifice has two components. The first installs itself on PCs after
being downloaded on the back of Internet utilities, or interactive
animations commonly sent with e-mail.
It is impossible for users to detect the installation.
Anyone with the server component of BackOrifice is, in effect,
exposing
everything on their hard drive to a potential hacker with the
BackOrifice
client.
This means a hacker has simple access to a user's name and password
for an Internet account stored in the Windows dial-up panel, as well
as
other files.
This tool cannot be used against Apple machines.
Connect managing director John Stuckey found out about BackOrifice
after taking a call from The Australian.
A day later, he posted warnings about the "Trojan horse".
"ISPs should do everything in their power to help customers avoid
BackOrifice," Mr Stuckey said.
"I have made it the number one priority at Connect to provide as much
information as possible to protect users.
"We have put up warnings on our home page as well as e-mails to all
subscribers about BackOrifice.
"As soon as we find a cleaner, it will be available for everyone. I
don't
want this menace to harm the users on my network."
The Monash student who tipped off The Australian claimed 2 per cent
of one ISP's customer base (not Connect's) had been infected.
He said passwords could be used to rack up hours on someone else's
account, as well as to gain access to personal details such as
addresses, by using the self-serve page on ISP Web sites.
Internet Industry Association director Peter Coroneos said the issue
of
an ISP's role was a grey area.
"Simply because something is on the Internet doesn't mean it's the
ISP's job to intervene," he said.
"It's not unreasonable for an ISP to provide information regarding
anything that is an imminent risk to users."
The issue of whether ISPs should provide security was arousing
attention, OzEmail chief executive officer Sean Howard said .
"If ISPs start to get involved in issues such as BackOrifice, it then
becomes a question of whether customers can expect absolute security
from that moment onwards," he said.
More information:
http://www.microsoft.com/security/bulletins/ms98-010.htm
www.shake.net
www.connect.com.au
#>- -<#
To UNSUBSCRIBE or SUBSCRIBE or just get a daily DIGEST send that one word in the body of an e-mail to 17group-request@list.to
Our archive is at: http://www.list.to/srv/WebArchive?id=_hKRCrjUWX71Pxkv0KURpAQ=
Advertisment;
VP Mail costs only AUS $1 per megabyte of mail on this mailing list. Donate to this list and stop these advertisments !
http://list.to/srv/Donate?id=_hKRCrjUWX71Pxkv0KURpAQ=