Hackers look to hide communications
- Subject: Hackers look to hide communications
- From: Gary Stoneburner <gary.stoneburner@nist.gov>
- Date: Tue, 05 Aug 2003 09:35:29 -0400
- Content-Type: multipart/alternative; boundary="=====================_320847937==.ALT"
re:
http://zdnet.com.com/2100-1105_2-5058535.html
Thought you might find this interesting.
"The technique essentially creates a covert channel for
communications by hiding four characters of data in the header's initial
sequence number (ISN) field.forge ... the source of the
IP address to look like the intended recipient of the information, while
the destination IP addresses points to another third-party server on the
Internet. ... The hacker would then send off a data packet to
the third-party server with any valid-looking information in the data
fields, but the real message would be hidden in four bytes of the ISN
field."
" The move to the next-generation Internet Protocol, IP version 6,
will make it harder to spoof the address of the sender but will allow far
more data to be hidden within the headers of the packets, Loveless
said. ... "There's a lot more room for data in
IPV6," he said. "
Cheers,
Gary
**************************************************************************
* Opinions expressed are not intended to reflect an official
position
**************************************************************************
* Gary
Stoneburner
* Computer Security Division, National Institute of Standards &
Technology
* 100 Bureau Drive, Stop 8930, Gaithersburg, MD
20899-8930
* Phone: 301-975-5394, FAX: 301-948-0279, Email: Stoneburner@nist.gov
*
http://csrc.nist.gov/staff/stoneburner/gshome.html
**************************************************************************
Date Index |
Thread Index |
Problems or questions? Contact list-master@nist.gov