covert channels
Hi there,
I found out with great interest about covert channels and covert communication some time ago I thought I must add this type of information to my INFOSEC knowledge. So if someone wants to talk about covert channels from a theoretical and practical but educational perspective he/she is welcomed. Any thoughts, links, books, tools etc .... Until now I've studied about steganography and little about hiding info in network traffic (tcp, udp , icmp etc.) I liked steghide (linux and windows version) and stegdetect for hiding/finding info in images and audio files. Interesting is also hyden which embeds info in any binary file. Covert Channel Tunnelling Testing (cctt) should also be mentioned. I am waiting for you comments on this subject. all the best, ddaas |
I thought this would be an interesting discussion...
No Feedback? |
I thought this would be an interesting discussion...
No Feedback? Maybe then you could break the ice with some examples and links? Maybe pose a question that has the potential to lead to a discussion? Maybe narrow the scope a bit as well. Covert channels is quite a wide topic. |
http://gray-world.net/
There's a great deal of papers & software on the subject. |
1) cctt (covert channel tunnelling tool) seems also a great tool for making arbitrary tcp/udp tunnels and for passing firewall rules.
2) I found out very interesting how hyden uses steganography and hides data in binary files. Your /bin/ls cound carry a text file and it is guarateed from the author (I I've tested it) that the file size doesn't change a bit after the other file is embedded. The algorithm works based on the redundant instruction set of the x86. An inconvenient is that this redundant instructions are limited and the data hidden rate is only 1/110 comparing with steganography in images which has a rate of 1/17 - hidded data/cover data 3) A nice book is http://www.syngress.com/catalog/?pid=3140 It is not very technical and is like a story, but in the end you find out how much you have learnt. 4) Other links: http://www.sarc-wv.com/ http://www.jjtc.com/pub/r2026.pdf http://www.fbi.gov/hq/lab/fsc/backis...research01.htm |
Very interesting is how a secret message could be hidden in a inocent text (or not so inocent).
http://www.spammimic.com What other tools for creating null ciphers do you know? |
Quote:
|
All times are GMT -5. The time now is 04:31 PM. |