Cyber Security Expo
The Implementation of Passive Covert Channels in the Linux Kernel by Joanna Rutkowska on 04/03/05

The idea is pretty simple we do not generate our own traffic (i.e. packets) but only change some fields in the packets which are normally generated by the compromised computer. Of course, that requires that the attacker control one of the computer which receives at least most of the traffic from the compromise host, like enterprise gateway, router, etc... For example, such passive covert channels can be used by malicious ISP employees to spy on ISP's customers.

This document is in PDF format. To view it click here.

Rate this article

All images, content & text (unless other ownership applies) are © copyrighted 2000 -  , All rights reserved. Comments are property of the respective posters.