© 2004 Computer Academic
Underground
Tool: StegTunnel
StegTunnel
establishes a full-duplex steganographic communications tunnel using
a legitimate TCP session generated by the client host
Uses
a TCP connection’s handshake SYN and SYN/ACK packets to
establish a “keyed” communication session
Uses
the IP header’s IPID field to transmit it’s payload
Uses
a TCP connection’s handshake SYN and SYN/ACK packets to
establish a “keyed” communication session
Uses
the IP header’s IPID field to transmit it’s payload