Vulnerability Development mailing list archives

RE: Covert Channels

From: "Roland Postle" <mail () blazde co uk>
Date: Sat, 19 Oct 2002 19:28:55 +0100

That's the beauty of it.  As soon as someone picks up on your channel
(if ever), you can change the method by simply utilizing another
field/protocol and you're back in business.


Let's not forget this may be a /covert/ channel for good reason. If
someone notices you're smuggling the data you may be caught /
compromised machine may be taken back / etc.., and you might not get
another chance.


Anyway, I found this interesting paper:

Eliminating Steganography in Internet Traffic with Active Wardens
http://public.lanl.gov/mfisk/papers/ih02.pdf

Ofc, it should really be called 'Limiting the Bandwidth of
Steganography...'

- Blazde

Current thread:

Re: Covert Channels, (continued)
- Re: Covert Channels kam (Oct 16)
  - Re: Covert Channels Valdis . Kletnieks (Oct 17)
    - RE: Covert Channels Ofir Arkin (Oct 18)
    - RE: Covert Channels Michal Zalewski (Oct 18)
    - Re: Covert Channels David Litchfield (Oct 18)
    - Re: Covert Channels Michal Zalewski (Oct 18)
    - RE: Covert Channels Ofir Arkin (Oct 19)
    - RE: Covert Channels Michal Zalewski (Oct 19)
    - Re: Covert Channels Dragos Ruiu (Oct 21)
    - Re: Covert Channels Roland Postle (Oct 22)
    - RE: Covert Channels Roland Postle (Oct 21)
  - RE: Covert Channels Jason Barbour (Oct 17)
  - Re: Covert Channels Alex Tibbles (Oct 17)
  - Re: Covert Channels MA (Oct 17)
    - Re: Covert Channels Roland Postle (Oct 17)
  - RE: Covert Channels Dom De Vitto (Oct 17)
    - RE: Covert Channels Jeff Nathan (Oct 19)
    - RE: Covert Channels Dom De Vitto (Oct 19)
- Re: Covert Channels Craig Baltes (Oct 17)
- Re: Covert Channels CJ Oster (Oct 17)
- Re: Covert Channels Rohit Sharma (Oct 17)

(Thread continues...)