Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Interesting idea for a covert channel or I just didn't research enough?

From: Michael Holstein <michael.holstein () csuohio edu>
Date: Thu, 06 Oct 2005 09:49:57 -0400
attacker sends packets -> packets are dropped by firewall -> packets properties are captured in logs -> backdoor reads logs and finds encoded commands -> commands are executed
As a covert channel? .. no, it's a waste. Once you have the access to set that up, you could establish any number of more efficient schemes.
As a way to do a "remote wake-up" though .. it might have some promise .. but it still depends on too many other variables. 

~Mike.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: