|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to find and get rid of Back Orifice
- To: NTBUGTRAQ
LISTSERV.NTBUGTRAQ.COM - Subject: Re: How to find and get rid of Back Orifice
- From: Russ <Russ.CooperRC.ON.CA>
- Date: Thu, 13 Aug 1998 14:47:46 -0400
- Comments: To: Tracy R Reed <treedULTRAVIOLET.ORG>
- Reply-To: Russ <Russ.CooperRC.ON.CA>
- Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
I meant to reply to this some time ago, but since my original message on this issue is now linked from Microsoft's site, its become even more important. On Wed, 5 Aug 1998, Russ wrote: >introduction method is going to do the demonstration, not BO. BO simply >demonstrates a well known fact, if you can get a user to install your >program on their machine, you can own that machine. Gee, I think that's >possible in every OS, isn't it? Yup, I said that. What I didn't say, but should have, is that Windows '9x makes all users the equivalent of ROOT, or Administrator, or whatever SuperUser name you want to imagine. Without 3rd party tools or sysdiff-type network loading of the OS, every user of a Win9x box has complete control over that box. As such, my thinking in making the above statement was that regardless of the OS, if the user has such privileges and runs someone's installation, that program could own the box. Obviously this has been misconstrued by a lot of folks to mean that all OS' are equally insecure as Win9x. THAT WAS NOT MY INTENT! Win9x has no concept of reliable security...no auditing, no user protection, no console restrictions through the UI...(what do you mean I'm not allowed, I'll just log off as that user and make another one up!...disconnect from the network and all network enforcement disappears...and so on). Guess this is why I don't like having discussions about Win9x on NTBugtraq. Thanks to those who bashed me with Multics and such...I even had to remember my MPM days...;-] Cheers, Russ
- Prev by Date: IE080898.EXE info from DataFellows
- Next by Date: Re: IE080898.EXE info from DataFellows
- Prev by thread: Re: How to find and get rid of Back Orifice
- Next by thread: Any Sniffed Back Orifice :-)
- Index(es):