Backdoor Programs

It’s the ultimate nightmare for a computer user—the idea that someone outside the computer can take over. The official “technical” term is Remote Administration, but hackers are more likely to use the word Backdoor.

With Windows XP, remote administration comes pre-installed. Windows XP has an option called Remote Assistance, where an XP technician can “remote in” and take over your computer. The remote tech has as much control over your system as if he were sitting there at the keyboard.

Hackers got there several years before Microsoft did.

NetBus, for example, was designed in 1998 by Carl-Fredrik Neikter, and many of the backdoor programs since then have followed a similar design.

The program comes in two parts, the Client and the Server. The Server is the part that has to be installed on the machine to be hacked, and the Client is the controlling system. Once the Server program has been installed, the Client has almost total control, from dangerous things like recording keystrokes or launching programs to annoying things like opening the CD tray. NetBus 2.0 Pro was even marketed commercially as a remote administration program.

Some other backdoor programs are Back Orifice (which was named as a pun on Microsoft’s BackOffice program), SubSeven, and Poison Ivy.

Any backdoor program allows an outsider full, unrestricted access to the hacked computer. The hacker can copy information off the computer, activate webcams, even remotely shut down or crash the computer. NetBus and SubSeven are very popular among “script kiddies.”

In one major case in 1999, a law professor was fired and charged because system administrators found child pornography on his system. He was acquitted, almost five years later, when the court was shown that NetBus was used to copy the images onto the computer.

Most backdoor programs are easily stopped by antivirus and firewall programs.
