Your Legal Blog

Bodetect Removes Back Orifice

Back Orifice - A Bit of Background...

Back Orifice really consists of two programs. The secretive server program resides in the host system of some usually-unwitting Netizen. The client program is used to communicate with BO servers on remote systems. It is the tool of the "remote administrators" who're causing so much havoc with BO.

In order to locate its victims - er, servers, the client program can perform ping sweeps. A ping is analogous to the familiar ping sound used by submarines. A packet of data, a sort of inquiry, is sent to a targeted address. If a BO server is online at that address, listening on the specified port, and if the ping packet contains the right password (if one is required), there will be a response. When there's a response, the client reports upon it to the operator. To facilitate locating servers, the client can sweep a series of IP (Internet Protocol) addresses, potentially many thousands of them. Every computer on the internet, including yours right now, has an IP address.


There are several programs that identify and remove Back Orifice: Most antivirus packages are able to identify Back Orifice (provided you use versions or files of the virus created after September 1998). So far no one is able to completely remove Back Orifice from your computer. But there is a solution. These are specially designed programs for removing BO. BoDetect has the ability to detect and remove Back Orifice programs.

For those really versed in the "black magic" called Registry Editor, the tutorial is here: http://www.nwi.net/~pchelp/bo/findingBO.htm

We repeat once again: only for those who know what they are doing: the registry is the nervous system of your computer. If something is wrong ... it's your own fault, get ready to reinstall the operating system, at best.


BODetect download here

Download via FTP you will also find it on the FSBO website.


LINK - Back Orifice ("BO") backdoor for Windows 95/98

Image of Bodetect Removes Back Orifice