ARCHIVED: What is Back Orifice?

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Back Orifice (named in response to Microsoft's Back Office application suite) is a Trojan horse that was first released in August 1998. It specifically infects Windows 95, 98, and NT computers.

Back Orifice (and related Trojans such as Netbus and SubSeven) can arrive disguised as a component of practically any software installation. It usually comes attached to other files or programs, but it can run on its own. It must be run, by itself or by another application, to infect a computer. It installs itself in seconds as a remote administration tool, typically erases its original version, then may run a specified program. An infected application will appear to install normally. From that moment forward, any time you connect your computer to the Internet, anyone with the corresponding Back Orifice programs can access your computer.

If Back Orifice is running on your computer, a remote operator anywhere on the global Internet can potentially gain full access to your computer, without any outward indication of the operator's presence.

To protect yourself from Back Orifice and its variants, be sure you are running an updated virus protection package, such as Norton/Symantec AntiVirus. For more information, see the Knowledge Base documents ARCHIVED: In Symantec/Norton AntiVirus for Windows, how do I schedule automatic LiveUpdates and virus scans? and ARCHIVED: Avoiding computer viruses.

For more information concerning Back Orifice and its variants, visit these sites:

Symantec

  http://www.symantec.com/avcenter/venc/data/back.orifice2000.trojan.html

ZDNet

  http://zdnet.com.com/2100-11-511507.html

Computer Associates

  http://www3.ca.com/threatinfo/virusinfo/virus.aspx?id=9740

This is document ahjg in the Knowledge Base.
Last modified on 2018-01-18 12:30:14.