Vulnerability Development mailing list archives
RE: Covert Channels
From: "Roland Postle" <mail () blazde co uk>
Date: Sat, 19 Oct 2002 19:28:55 +0100
That's the beauty of it. As soon as someone picks up on your channel (if ever), you can change the method by simply utilizing another field/protocol and you're back in business.
Let's not forget this may be a /covert/ channel for good reason. If someone notices you're smuggling the data you may be caught / compromised machine may be taken back / etc.., and you might not get another chance. Anyway, I found this interesting paper: Eliminating Steganography in Internet Traffic with Active Wardens http://public.lanl.gov/mfisk/papers/ih02.pdf Ofc, it should really be called 'Limiting the Bandwidth of Steganography...' - Blazde
Current thread:
- Re: Covert Channels, (continued)
- Re: Covert Channels kam (Oct 16)
- Re: Covert Channels Valdis . Kletnieks (Oct 17)
- RE: Covert Channels Ofir Arkin (Oct 18)
- RE: Covert Channels Michal Zalewski (Oct 18)
- Re: Covert Channels David Litchfield (Oct 18)
- Re: Covert Channels Michal Zalewski (Oct 18)
- RE: Covert Channels Ofir Arkin (Oct 19)
- RE: Covert Channels Michal Zalewski (Oct 19)
- Re: Covert Channels Dragos Ruiu (Oct 21)
- Re: Covert Channels Roland Postle (Oct 22)
- Re: Covert Channels Valdis . Kletnieks (Oct 17)
- Re: Covert Channels kam (Oct 16)
- RE: Covert Channels Roland Postle (Oct 21)
- Re: Covert Channels Roland Postle (Oct 17)
- RE: Covert Channels Jeff Nathan (Oct 19)
- RE: Covert Channels Dom De Vitto (Oct 19)