WRT the Covert Channels paper -
Header extensions and IP options are not actually practical channels. They
sound good but in practice they run afoul of the problem that network
equipment, particularly routers, process packets in hardware - unless they have
unusual extensions or IP Options, i
Ray -
Great real-world report... my direct experience in all this is dated by
at least 6 years, but most of it nearly 10 years old now... time flies!
The only question I have about your response below is about the question
of bandwidth... while *some* important data/secrets are large, many
Files in modern systems tend to grow faster than Moore's law. It's possible to
exfiltrate some information via low bandwidth channels - but the type of
information that is of high value is frequently either related to system access
or to legacy systems. If one has enough access to create a cov
