There is a general misconception about security today. Most people would love to believe that their firewalls are completely capable of protecting them from anything indecent. The sad part is that they could not be more wrong. Hungry Hacker aims to prove it with three separate programs that can compromise the security of computers.
You might be asking, “What’s a backdoor?”
Yes, these programs were created in 1990, but they still pose a real threat today. The first two are still being developed.
Using these programs, any noob can remotely access your computer without any authentication and do whatever he wants. I will tell you some of the features; the rest you need to try and find out.
These programs:
- Work as a key logger.
- Send any Information from Victim’s PC to the Hacker’s PC.
- Run any program on the Victim’s PC.
- Display any Violating Image on Victim’s Screen.
- Open the CD Drive of the Victim’s PC.
- Open any Web page on the Victim’s Screen.
- Disable any Specific Key or the whole Keyboard.
- Shutdown Victim’s PC.
- Start a Song on the Victim’s PC, etc.
Back Orifice / Back Orifice 2000
Back Orifice is one of the most common backdoor programs, and one of the most deadly. The name may seem like a joke, but the threat is real. Back Orifice was created by the Cult of the Dead Cow group. Back Orifice is an open source program. The main threat of this software is that by making some changes in the code anybody can make it undetectable to the antivirus program running on the victim’s computer. Apart from the strange title, the program usually uses port 31337, a reference to the “Leet” phenomenon popular among hackers.
Back Orifice uses a client-server model, in which the server is the victim and the client is the attacker. What makes Back Orifice so dangerous is that it can install and operate silently. No interaction with the user is required, meaning you could have it on your computer right now and not know.
Companies such as Symantec have taken steps to protect computers against programs that they consider dangerous. But there are even more attacks using Back Orifice 2000. This is due partly to the fact that it is still evolving, as open source. As stated in the documentation, the goal is ultimately for the presence of Back Orifice 2000 to be unknown even to those who installed it.
Back Orifice 2000 was developed for Windows 95, Windows 98, Windows NT, Windows 2000 and Windows XP.
Where can I download Back Orifice 2000?
Back Orifice 2000 can be downloaded at the following address: http://sourceforge.net/projects/bo2k/
I’m infected! How do I remove it?
Removing Back Orifice 2000 may require that you change the registry settings. To remove it in 7 simple steps, refer to the diagram below.
How do I delete Back Orifice 2000?
- Click Start - Run, and type “Regedit” (without the quotes)
- Follow the path below: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
- Now look in the right box for: “umgr32 = ‘c:\windows\system\umgr32.exe’”
- Right-click on this entry and click Remove. Now restart your computer.
- After restarting, open only Windows Explorer. Make sure you can see all registered extensions. To do so, select “View Options” and configure the appropriate settings.
- Go to the WINDOWS\SYSTEM directory and find the “umgr32.exe” file. Once you find it, delete it.
- Exit Windows Explorer and reboot again.
NetBus / NetBus 2.0 Pro
NetBus was established around the same time as Back Orifice, in the late 1990’s. NetBus was originally designed as a program to prank friends and family, of course nothing too malicious. However, the program was released in 1998, and is widely used as a backdoor to manage computers.
Like Back Orifice, NetBus allows attackers to do virtually everything on the victim’s computer. It also works well under Windows 9x systems, as well as Windows XP. Unlike Back Orifice, the latest version of NetBus is regarded as shareware and is not free. NetBus also implements less stealthy operations, as a direct result of criticism and complaints of abusive use.
Where can I buy and download NetBus?
NetBus can be purchased and downloaded at the following address: http://www.netbus.org/
Ok, I am infected. Now what?
Fortunately, the latest version of NetBus is a valid program. It can be removed just like any other program. Previous versions of NetBus are a bit more tricky, however. If you are not lucky enough to have been attacked with the latest version, the removal process is the same as for Back Orifice.
How do I remove NetBus?
- Click Start - Run, and type “Regedit” (without the quotes)
- Follow the path below: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
- Now, in the right box, look for the following: “[Name_of_Server].exe”. Of course, you have to find the actual name of this EXE file. Usually it is “Patch.exe” or “SysEdit.exe”, but it may vary.
- Reboot and remove all traces of the actual program that may be left. Additionally, you can install NetBus yourself, and then use its own removal function.
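Both removal procedures above (Back Orifice 2000 and older NetBus) begin by looking for the server's entry under the RunServices key. As an added example, not part of the original article, this Python script scans a regedit export for the file names the article mentions. The sample export and its value names are constructed, and a match is only a lead, since the article notes the names may vary.

```python
import re

# File names the article gives for these servers (lower-cased). It notes the
# NetBus name may vary, so a match is a lead to investigate, not proof.
SUSPECT_NAMES = {
    "umgr32.exe": "Back Orifice 2000",
    "patch.exe": "NetBus",
    "sysedit.exe": "NetBus",
}
# Autostart key named in both removal procedures (lower-cased suffix).
AUTORUN_SUFFIX = "\\currentversion\\runservices"
KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# Match a suspect name only as a whole file name, so "dispatch.exe" is ignored.
SUSPECT_RE = re.compile(
    r"(?<![\w.])(" + "|".join(map(re.escape, SUSPECT_NAMES)) + r")(?![\w.])", re.I)

# Constructed sample in regedit export format (backslashes are doubled).
SAMPLE_EXPORT = r'''REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"umgr32"="c:\\windows\\system\\umgr32.exe"
"Loader"="C:\\WINDOWS\\Patch.exe"
"Backup"="C:\\Tools\\dispatch.exe"
'''

def parse_reg_export(text):
    """Yield (key, value_name, data) for each string value in the export."""
    key = None
    for line in map(str.strip, text.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif key and (m := VALUE_RE.match(line)):
            # Undo .reg escaping: \\ -> \ and \" -> "
            yield (key, *(re.sub(r"\\(.)", r"\1", g) for g in m.groups()))

def flag_autoruns(text):
    """Return (value_name, command, program) for suspect RunServices entries."""
    findings = []
    for key, name, data in parse_reg_export(text):
        hit = SUSPECT_RE.search(data)
        if hit and key.lower().endswith(AUTORUN_SUFFIX):
            findings.append((name, data, SUSPECT_NAMES[hit.group(1).lower()]))
    return findings

if __name__ == "__main__":
    for name, data, program in flag_autoruns(SAMPLE_EXPORT):
        print(f"{program}: value {name!r} runs {data}")
```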
SubSeven / Sub7
SubSeven, or Sub7, was established for the same purpose as NetBus: pranks. Sub7 actually has more support for pranks, and has more advanced users. Sub7 is also widely used by script kiddies, although many firewalls and anti-virus programs stop it before initialization.
Since Sub7 has not been supported for several years, the threat is usually very low. Most security programs will not have any problem ending Sub7 before it has a chance to start. This shows that keeping security programs up to date is critical, because the money was still there.
Nevertheless, it is widely used by those who have physical access to your firewall or security programs. If access is granted, the tool will work without restrictions.
Where can I buy and download Sub7?
Sub7 is no longer supported, and hence is not available for download on any legitimate websites. If you were to do a Google search, you would find links to download Sub7. However, these are not the official site, and should be considered dubious and dangerous.
Sounds harmless. How do I remove it?
- End the following processes through the Task Manager: “editserver.exe, subseven.exe”
- Delete the following files: “editserver.exe, subseven.exe, tutorial.txt”
Why are these programs absolutely legitimate?
The whole basis behind these programs is that they are designed to help people, not harm. While some, like NetBus, really were originally created for pranks, they switched routes to avoid legal problems.
These programs claim to be legitimate remote desktop programs, although they are certainly easily put to malicious use. These programs really should be used for assistance or by customer support departments. Why all adolescents copy these programs is beyond us, but leave the content of their networks, while computer is a good idea.
The advent of new technology has made these programs in some respects less effective. However, programs such as Back Orifice 2000 are still evolving, so do not be surprised to learn that one is working in the background, waiting for instructions. Since the best defense is a good offense, be sure to keep a sharp eye on what is installed on the network computers. After all, an ounce of prevention is worth a pound of cure.