Backorifice has various encryption plugins that encrypt the data packets, couple those with STCPIO which encrypts the header and most firewalls wouldn't be able to identify that packet as a backorifice packet. The only real solution is to limit what ports a PC has access to on the Internet, use a proxy server for web browsing, and use NAT to separate the network PCs from the outside world. -Jeremy > -----Original Message----- > From: Tony Hammitt [mailto:thammitt@kc.rr.com] > Sent: Thursday, March 22, 2001 9:39 PM > To: Kansas City Linux Users Group > Subject: Re: Uh-oh... > > > Synopsis: There may be 'spyware' on 'doze boxes that is reporting > all sorts of info on users. This spyware may be in the form of > desktop toys. > > Yes, this would be pretty scary for busineses. Yet another reason > to use Linux. > > But do we need to go so far as to have all busineses employing PFY's > to run packet sniffers looking for uninvited data? There is pretty > much no way to know whether the data that is leaving the local > network contains valuable data if that data is encrypted. I guess > we'll have to monitor the network usage of all of the programs > somehow. Can BackOrifice do this for windoze? It seems like the > kind of tool that would have this functionality... > > As I've mentioned before, even 'tar' opens network connections, but > just to the NIS system to check on what usernames to assign to > files. It seems like this kind of behavior is going to get more > common. Where should we draw the line? > > We, the Open Source community, should set the standard for > respecting the privacy of the users. If we send tracking data > somewhere, the user should be told and given a chance to object. > Just my opinion. > > Have a good evening, > > Tony > > P.S. I'm glad that I missed out on the latest flamewar. Usually I > start them (always with the best intentions), it's a nice change... > > Lowell wrote: > > > > czech it out: > > > > http://www.boardwatch.com/bw/mar01/Mean_Streets.htm > > -- > > "My reality check just bounced!" > > >