ISS Announces Protection from Back Orifice 2000.ATLANTA--(BUSINESS WIRE)--July 13, 1999-- ISS' Internet Scanner Updated to Detect and Centrally Control Installation of Potentially Dangerous Backdoor See trapdoor. Program On the heels of yesterday's announcement that it had decoded the newest threat to networks and PCs, Internet Security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. Systems (ISS ISS See Institutional Shareholder Services (ISS). ) (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : ISSX ISSX Internet Security Systems Inc. (stock abbreviation, AMEX) ) today announced a critical countermeasure for Back Orifice A program that installs itself on a Windows machine as a server, allowing a cracker with the client counterpart to manipulate the machine more completely than the user at the keyboard. It can come in the form of a Trojan or ActiveX control. 2000 (BO2K (Back Orifice 2000) See Back Orifice. ). This new "backdoor" or "Trojan Horse See Trojan. Trojan Horse hollow horse concealed soldiers, enabling them to enter and capture Troy. [Gk. Myth.: Iliad] See : Deceit (application, security) Trojan horse " software program developed by hacker organization Cult of the Dead Cow CULT OF THE DEAD COW, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas. The group maintains a weblog on its site, also titled "CULT OF THE DEAD COW". can be used to gain unauthorized access to and control of Microsoft Windows- and Windows NT-based PCs and networks. Detection capabilities for BO2K are now available to customers as a "Flex Check" update to ISS' Internet Scanner product and is available now on the ISS Web site (www.iss.net). Internet Scanner, the leading solution for network vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. , is critical to backdoor detection and an important component of ISS' multi-faceted approach to enterprise information protection. Using today's Internet Scanner update, customers can centrally scan an entire network including multiple ports, identify the machines where BO2K has been installed, and alert system administrators if an intruder has disabled anti-virus software anti-virus software n → Antivirensoftware f - a critical clue that BO2K has been activated against a user's machine. The Internet Scanner BO2K Flex Check also includes important steps for removing Back Orifice if it is discovered on a network or machine. ISS plans to also release a countermeasure for BO2K in RealSecure(tm), ISS' leading intrusion detection system This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. . This will enable customers to monitor strategic network locations to identify the use of BO2K to break into computers. Vulnerability assessment and intrusion detection See IDS and IPS. are critical to identifying and terminating backdoor programs by going beyond traditional anti-virus software to detect the presence of backdoors on a system, alert customers if anti-virus software has been disabled, and identify when a connection attempt has been made from outside the network. In addition, ISS urges users to take the following important computer safety precautions: -- Do not open e-mail attachments, especially from non-trusted sources, -- Do not accept files from Internet Chat Systems as they inherently introduce vulnerabilities; and -- Be sure that if you are connected to the Internet, do not enable network file sharing without the proper security measures in place. Back Orifice 2000 Back Orifice 2000 is a new version of Back Orifice -- a backdoor program not a virus -- initially publicly released in July 1998 (http://xforce.iss.net/alerts/advise5.php3). Designed to be invisible to its victims, Back Orifice 2000 can be extremely harmful to end-users. Unlike a virus, BO2K is not self-replicating and must trick users into installing the program. Once installed it can easily be used to perform unauthorized actions without knowledge of the user. For example, BO2K can delete files, reconfigure machines, steal passwords, and redirect network traffic. Although BO2K can be viewed as a remote monitoring tool, its main purpose is to gain unauthorized control over another machine for reconfiguration and data collection. The features of this program, combined with the anonymous and malicious control of machines makes it especially dangerous in a networked environment. About Internet Scanner Internet Scanner, a critical component of ISS' SAFEsuite family of e-business risk management solutions, is the market's leading network-based vulnerability detection system for finding and fixing security weaknesses. It automatically scans a network, identifies a wide range of security vulnerabilities, and responds with in-depth reports and recommended corrective actions. Availability The Back Orifice 200 Internet Scanner Flex Check is available now for download from the ISS Web site (www.iss.net). For More Information About BO2K For the ISS X-Force Security Advisory and white paper on BO2K, please visit the ISS Web site at www.iss.net. About ISS ISS leads the market as the source for e-business risk management solutions, serving as a trusted security provider to 21of the 25 largest U.S. commercial banks and more than 35 government agencies. With its Adaptive Security Management approach, ISS enables information protection and continuous security improvement within Intranet, extranet and electronic commerce environments. Its award-winning SAFEsuite(R) product line is vital for protection in today's world of global connectivity, enabling organizations to proactively monitor, detect and respond to vulnerabilities and threats to enterprise information. Founded in 1994, ISS is headquartered in Atlanta, GA with additional offices throughout the U.S. and international operations in Belgium, France, Germany, Japan, Latin America and the UK. For more information, visit the ISS Web site at www.iss.net or call 800-776-2362. NOTE TO EDITORS: This release, other than historical information, includes forward-looking statements made pursuant to the "safe harbor Safe Harbor 1. A legal provision to reduce or eliminate liability as long as good faith is demonstrated. 2. A form of shark repellent implemented by a target company acquiring a business that is so poorly regulated that the target itself is less attractive. " provisions of the Private Securities Litigation Reform Act The Private Securities Litigation Reform Act of 1995 (PSLRA) implemented several significant substantive changes affecting certain cases brought under the federal securities laws, including changes related to pleading, discovery, liability, class representation and awards fees and of 1995. The risks and uncertainties which could cause actual results to differ materially from those in the forward-looking statements include, but are not limited to, the following: the level of demand for the Company's products; the volume and timing of orders; product and price competition; the Company's ability to expand its domestic and international sales and marketing organizations; the Company's ability to develop new and enhanced products; the Company's ability to attract and retain key personnel; the mix of distribution channels through which the Company's products are sold; the growth in the acceptance and use of the Internet and of private Internet-protocol networks or "intranets"; the extent to which unauthorized access and use of online information is perceived as a threat to network security; customer budgets; the assertion of infringement claims with respect to the Company's intellectual property; seasonal trends in customer purchasing; foreign currency exchange rates; general economic factors; and risks concerning the rapid change of technology. These risks and others are discussed in the Company's periodic filings with the Securities and Exchange Commission. These filings can be obtained either by contacting ISS Investor Relations Investor relations The process by which the corporation communicates with its investors. or through the Securities and Exchange Commission's Web site at "http://www.sec.gov". Internet Security Systems, RealSecure, Internet Scanner and SAFEsuite are trademarks of Internet Security Systems, Inc. All other companies and products mentioned are trademarks and property of their respective owners. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion