X

Back Orifice 2000 makes its debut

Is BO2K a malicious application or a legitimate tool to manage and secure computer networks?

Scott Ard Former Editor in Chief, CNET
CNET former Editor in Chief Scott Ard has been a journalist for more than 20 years and an early tech adopter for even longer. Those two passions led him to editing one of the first tech sections for a daily newspaper in the mid 1990s, and to joining CNET part-time in 1996 and full-time a few years later.
Scott Ard
2 min read
Back Orifice 2000, a much-anticipated and feared "Trojan horse" software program, was released today as expected at the DefCon convention in Las Vegas.

The self-described hacker group Cult of the Dead Cow released the software, which it calls an administration tool for NT networks. However, Microsoft, whose Windows NT operating system is targeted by the group, continues to call BO2K "a very malicious, destructive program."

A boisterous and supportive crowd of several hundred DefCon attendees repeatedly roared their approval as the software's features were touted by "Dildog," BO2K's author and a Cult of the Dead Cow member.

The BO2K presentation had a professional air to it, despite the two rotating crosses and cow's head silhouettes that were projected onto the sides of the stage.

The program is expected to be released at the BO2K Web site, although it did not appear to have been posted by late afternoon.

Debate has raged over whether BO2K (a pun on Microsoft's Back Office server suite) is a beneficial tool or a piece of software that makes it easy for malicious hackers to gain unauthorized entry to computers. The controversy is reminiscent of Dan Farmer's 1995 release of SATAN, or Security Administrator Tool for Analyzing Networks.

The version released today represents an upgrade to the original application Cult of the Dead Cow released at last year's DefCon, which has registered 300,000 downloads. BO2K is open-source and accepts plug-ins, making it likely that malicious variants will be created.

On Cult of the Dead Cow's Web site, the groups boasts that with BO2K "sysadmins will have at their disposal a professional open-source application, free of charge." But it adds, "Unfortunately for Microsoft, Back Orifice 2000 could bring pressure on the software leviathan to finally implement a security model in their Windows operating system. Failure to do so would leave customers vulnerable to malicious attacks from crackers using tools that exploit Windows' breezy defenses."

Microsoft has posted a list of frequently asked questions about BO2K and urges "safe computing practices" such as not running software programs downloaded from the Internet or attached to email if they come from unknown sources.

In the wake of BO2K's release, makers of antivirus and intrusion detection software are expected to post patches to block BO2K.

Software maker Computer Associates, for example, states on its Web site that the company's "global antivirus research team is working round the clock to counter the threat."