funsec mailing list archives

Re: Covert channel, not steg

From: Robert Graham <robert_david_graham () yahoo com>
Date: Fri, 29 May 2009 18:42:47 -0700 (PDT)


--- On Thu, 5/28/09, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rMslade () shaw ca> wrote:

http://www.theregister.co.uk/2009/05/28/tcp_steganography/


"In the context of RSTEG, a sender replaces original payload with a steganogram instead of sending the same packet 
again," 

Most network intrusion-detection systems will detect this. This has been a standard feature of network intrusion 
detection for 10 years.



      
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Covert channel, not steg Rob, grandpa of Ryan, Trevor, Devon & Hannah (May 28)
- <Possible follow-ups>
- Re: Covert channel, not steg Robert Graham (May 29)