Unusual firewall bypassing techniques, network and computer security.

Lewis Carroll "Alice In Wonderland"
Our papers

[September 2006] How to cook a covert channel; -Team GW; [plain text] [Hakin9 pdf]

[October 2005] Covert channels through the looking glass; -Team GW; [plain text]

[March 2004] Reverse Tunneling Techniques: theoretical requirements for the GW implementation; -Jeremian; [plain text]

[January 2004] A Forensic Analysis : HTTP Protocol; -Alex Dyatlov; [html]

[July 2003] Covert Channel and Tunneling over the HTTP protocol Detection : GW implementation theoretical design; -Simon Castro; [plain text], [html]

[July 2003] Exploitation des flux autorisés par un système de contrôle d'accès réseau pour un transfert de données arbitraires : Tunneling et canaux cachés au sein du protocole HTTP - Version Française; -Alex Dyatlov, Simon Castro; [plain text], [html]

[June 2003] Exploitation of data streams authorized by a network access control system for arbitrary data transfers : tunneling and covert channels over the HTTP protocol; -Alex Dyatlov, Simon Castro; [plain text], [html]

Network Access Control System bypassing and Covert Channels theory

Tools related to the papers below are mirrored locally. These tools are copy[right|left]ed by their authors :). We do not guarantee that these programs work properly or that they are free of security holes.

ACK Tunneling Trojans [] -Arne Vidstrom
Covertly bypassing the Firewall -Lordloki
Legitimate Sites as Covert Channels -Errno Jones
Placing Backdoors Through Firewalls [rwwwshell-2.0.tar.gz] -van Hauser / THC
Rootshell with icmp_rcv() Hooking -sedn4[at]
Thinking About Firewalls -Marcus J. Ranum
~Whispers On The Wire~ Network Based Covert Channels Exploitation & Detection -Pukhraj Singh

A Note on the Confinement Problem (1973) -Butler W. Lampson

Architectural Implications of Covert Channels (1992) -Norman E. Proctor and Peter G. Neumann Computer Science Lab

A Guide to Understanding Covert Channel Analysis of Trusted Systems (1993) -National Computer Security Center
A Pump for Rapid, Reliable, Secure Communication (1993) -M.H. Kang, I.S. Moskowitz

Covert Channels Here to Stay? (1994) -Ira S. Moskowitz, Myong H. Kang
Discussion of a Statistical Channel (1994) -Ira S. Moskowitz, Myong H. Kang
The b2/c3 problem: how big buffers overcome covert channel cynicism in trusted database systems (1994) -J. McDermott
Simple Timing Channels (1994) -Ira S. Moskowitz, Allen R. Miller

Covert Channel Analysis (1995) -John McHugh

A Network Pump (1996) -M.H. Kang, I.S. Moskowitz, D.C. Lee
Covert Channels in the TCP/IP Protocol Suite (1996) -Craig H. Rowland
Project Loki (1996) -daemon9 for Phrack Magazine

Establishing Big Brother using covert channels and other covert techniques (1997) -Y. Desmedt
Project Loki 2 (1997) -daemon9 for Phrack magazine

Chaffing and Winnowing: Confidentiality without Encryption (1998) -Ronald L. Rivest MIT Lab for Computer Science
DNS Tunnel - through bastion hosts (1998) -Oskar Pearson

Information Hiding - a Survey (1999) -F.A.P. Petitcolas, R.J. Anderson, M.G. Kuhn - Proceedings of the IEEE

IP Checksum Covert Channels and Selected Hash Collision (2001) -Christopher Abad

A Discussion of Covert Channels and Steganography (2002) -Mark Owens
Ambiguities in TCP/IP - firewall bypassing (2002) -Paul Starzetz
Bypassing Firewalls: Tools and Techniques (2002) -Jake Hill
Covert Channel Analysis and Data Hiding in TCP/IP (2002) -Kamran Ahsan
Covert Channels in TCP/IP Headers (2002) -Drew Hintz
Covert Shells (2002) -J. Christian Smith
Detecting HTTP Tunneling Activities (2002) -D.J. Pack, W. Streilein, S. Webster, R. Cunningham
Eliminating Steganography in Internet Traffic with Active Wardens (2002) -G. Fisk, M. Fisk, C. Papadopoulos, J. Neil
Quantifying Information Flow (2002) -Gavin Lowe
Infranet: Circumventing Web Censorship and Surveillance (2002) -N. Feamster, M. Balazinska, G. Harfst, H. Balakrishnan, D. Karger MIT Laboratory for Computer Science
Practical Data Hiding in TCP/IP (2002) -K. Ahsan, D. Kundur
Stealth Attack Against Personal Firewalls (2002) -Brian McWilliams for Newsbytes

Adaptation and Performance of Covert Channels in Dynamic Source Routing (2003) -M. Marone
Covert channels and anonymizing networks (2003) -Ira S. Moskowitz, R.E. Newman, D.P. Crepeau, A.R. Miller
Covert channels detection in protocols using scenarios (2003) -L. Helouet, C. Jard, M. Zeitoun
HICCUPS: Hidden Communication System for Corrupted Networks (2003) -K. Szczypiorski
Malicious ICMP Tunneling : Defense Against the Vulnerability [icmp_mon.tar.gz] (2003) -A. Singh, O. Nordstrom, C. Lu, A. L M dos Santos
Messaging over IPv6 Destination Options [j6p.tar.bz2] (2003) -Thomas Graf
New covert channels in HTTP: adding unwitting Web browsers to anonymity sets (2003) -M. Bauer
Quasi-Anonymous Channels (2003) -I. Moskowitz, R. Newman, P. Syverson
Using Spam As A Vector Of Back Door Communication (2003) -Vision Through Sound

Covert Channel Analysis and Detection with Reverse Proxy Servers using Microsoft Windows (2004) -Llamas D., Allison C., Miller A.
Covert Channels for Collusion in Online Computer Games (2004) -S.J. Murdoch, P. Zielinski
Eraser: An Exploit-Specific Monitor to Prevent Malicious Communication Channel (2004) -A. Singh
IP covert timing channels: design and detection (2004) -S. Cabuk, C. E. Brodley, C. Shields
The Implementation of Passive Covert Channels in the Linux Kernel [nushu.tar.gz] (2004) -Joanna Rutkowska for CCC 2004
Scenarios and Covert channels: another game... (2004) -L. Helouet, M. Zeitoun, A. Degorre
Syntax and Semantics-Preserving Application-Layer Protocol Steganography (2004) -N. Lucena, J. Pease, P. Yadollahpour, S. J. Chapin
Web Tap : Detecting Covert Web Traffic (2004) -K. Borders, A. Prakash

An Evaluation Framework for the Analysis of Covert Channels in the TCP/IP protocol suite (2005) -Llamas D., Allison C., Miller A.
Caracterisation des canaux caches en logique temporelle alternante (Rapport de stage Master) (2005) [fr] -Aldric Degorre
Covert Channels in Internet Protocols: A Survey (2005) -Llamas D., Allison C., Miller A.
Data Hiding in Identification and Offset IP Fields (2005) -E. Cauich, R. Gomez Cardenas, R. Watanabe
Detecting NUSHU Covert Channels Using Neural Networks (2005) -E. Tumoian, M. Anikeev
Detection of Covert Channel Encoding in Network Packet Delays (2005) -V. Berk, A. Giani, G. Cybenko
The Dining Freemasons (2005) -M. Bond, G. Danezis
Embedding Covert Channels into TCP/IP (2005) -S.J. Murdoch, S. Lewis
New Constructive Approach to Covert Channel Modeling and Channel Capacity Estimation (2005) -Z. Wang, R. Lee
Sistema de deteccao de backdoors e canais dissimulados (2005) -C.H. P.C. Chaves, A. Montes
The Pump: A Decade of Covert Fun (2005) -M.H. Kang, I.S. Moskowitz, S. Chincheck

Data Exfiltration and Covert Channels (2006) -A. Giani, V.H. Berk, G.V. Cybenko
Research Report: Covert Channels 2005/2006 (2006) -M. Smeets, M. Koot
Application Layer Covert Channel Analysis and Detection (2006) -Zbigniew Kwecka
Keyboards and Covert Channels - JitterBugs [ext] (2006) -G. Shah, A. Molina and M. Blaze

Covert Channel Analysis in TCP/IP networks (2007) -Allix P.
Protocol Hopping Covert Channels (2007) -S. Wendzel
Real-Time Steganography with RTP (2007) -I)ruid
XSS Tunneling (2007) -Ferruh Mavituna

Security and Computer systems

The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments (1998) -Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, John F. Farrell
Department of Defense Trusted Computer System Evaluation Criteria - 5200.28-STD (1985) - DoD standard
Extension to 5200.28-STD to trusted network systems and components. (1987) - National Computer Security Center


RFC 2109 : HTTP State Management Mechanism (1997)
RFC 2616 : Hypertext Transfer Protocol -- HTTP/1.1 (1999)
RFC 3093 : Firewall Enhancement Protocol (FEP) (2001)

