[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP/IP Stego (was CU-SeeMe)

To: [email protected]
Subject: Re: TCP/IP Stego (was CU-SeeMe)
From: [email protected] (Bill Frantz)
Date: Fri, 8 Mar 1996 12:58:54 -0800
Sender: [email protected]

At 12:19 PM 3/8/96 -0800, Jim McCoy wrote:
>... The original
>technique of doing stego on packets is still valid, and by adding it in
>to a WinSock lib or linux tcp/ip implementation the user can send hidden
>messages just by connecting to a friendly stego-enhanced web server out
>on the net and doing some casual browsing.

If you can hack your TCP implementation, you should be able (with a high
probability) stego information in a few bits of the TCP checksum by
adjusting the packet boundries of the TCP stream.  An error correcting code
protocol would cover the cases where you couldn't get that *%$# bit set
correctly.  Please note that this technique would not result in TCP
checksum errors.

------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA

Follow-Ups:
- Re: TCP/IP Stego (was CU-SeeMe)
  - From: Ben Holiday <[email protected]>

Prev by Date: How would Leahy bill affect crypto over HAM radio?
Next by Date: Re: Someone in a goverment with something close to the right idea...
Prev by thread: TCP/IP Stego (was CU-SeeMe)
Next by thread: Re: TCP/IP Stego (was CU-SeeMe)
Index(es):
- Date
- Thread