GRAY-WORLD.NET TEAM
Unusual firewall bypassing techniques, network and computer security.

Lewis Carroll "Alice In Wonderland"
Alice
Chinese French Russian Spanish Polish Italian
Home | Projects | Papers | Forum | Team | Links | Contributions
 Papers 

Our papers

[September 2007] g00gle CrewBots -Matteo Memelli; [plain text]

[September 2006] How to cook a covert channel; -Team GW; [plain text] [Hakin9 pdf]

[October 2005] Covert channels through the looking glass; -Team GW; [plain text]

[March 2004] Reverse Tunneling Techniques: theoretical requirements for the GW implementation; -Jeremian; [plain text]

[January 2004] A Forensic Analysis : HTTP Protocol; -Alex Dyatlov; [html]

[July 2003] Covert Channel and Tunneling over the HTTP protocol Detection : GW implementation theoretical design; -Simon Castro; [plain text], [html]

[Juillet 2003] Exploitation des flux autorisés par un système de contrôle d'accès réseau pour un transfert de données arbitraires : Tunneling et canaux cachés au sein du protocole HTTP - Version Française; -Alex Dyatlov, Simon Castro; [plain text], [html]

[June 2003] Exploitation of data streams authorized by a network access control system for arbitrary data transfers : tunneling and covert channels over the HTTP protocol; -Alex Dyatlov, Simon Castro; [plain text], [html]

Covert Channels in computer networks papers resources

The home of Sebastian Zander at the Centre for Advanced Internet Architectures : http://caia.swin.edu.au/cv/szander/cc/index.html.

Network Access Control System bypassing and Covert Channels theory [sort by year]

Tools related to next papers and locally mirrored : gray-world.net/tools. These tools are copy[right|left]ed by their authors :). We do not provide any guarantee these programs work properly and do not contain security holes.

A Discussion of Covert Channels and Steganography (2002) -Mark Owens
A Guide to Understanding Covert Channel Analysis of Trusted Systems (1993) -National Computer Security Center
A Network Pump (1996) -M.H. Kang, I.S. Moskowitz, D.C. Lee
A Note on the Confinement Problem (1973) -Butler W. Lampson
A Pump for Rapid, Reliable, Secure Communication (1993) -M.H. Kang, I.S. Moskowitz
ACK Tunneling Trojans [ackcmd.zip] -Arne Vidstrom
Adaptation and Performance of Covert Channels in Dynamic Source Routing (2003) -M. Marone
Ambiguities in TCP/IP - firewall bypassing (2002) -Paul Starzetz bugtraq@securityfocus.com
Architectural Implications of Covert Channels (1992) -Norman E. Proctor and Peter G. Neumann Computer Science Lab
An Evaluation Framework for the Analysis of Covert Channels in the TCP/IP protocol suite (2005) -Llamas D., Allison C., Miller A.
Application Layer Covert Channel Analysis and Detection (2006) -Zbigniew Kwecka
Bypassing Firewalls: Tools and Techniques (2002) -Jake Hill
Caracterisation des canaux caches en logique temporelle alternante (Rapport de stage Master) (2005) [fr] -Aldric Degorre
Chaffing and Winnowing: Confidentiality without Encryption (1998) -Ronald L. Rivest MIT Lab for Computer Science
Covert Channel Analysis (1995) -John McHugh
Covert Channel Analysis and Data Hiding in TCP/IP (2002) -Kamran Ashan
Covert Channel Analysis and Detection with Reverse Proxy Servers using Microsoft Windows (2004) -Llamas D., Allison C., Miller A.
Covert Channel Analysis in TCP/IP networks (2007) -Allix P.
Covert channels and anonymizing networks (2003) -Ira S. Moskowitz, R.E. Newman, D.P. Crepeau, A.R. Miller
Covert channels detection in protocols using scenarios (2003) -L. Helouet, C. Jard, M. Zeitoun
Covert Channels for Collusion in Online Computer Games (2004) -S.J. Murdoch, P. Zielinski
Covert Channels Here to Stay? (1994) -Ira S. Moskowitz, Myong H. Kang
Covert Channels in Internet Protocols: A Survey (2005) -Llamas D., Allison C., Miller A.
Covert Channels in TCP/IP Headers (2002) -Drew Hintz
Covert Channels in the TCP/IP Protocol Suite (1996) -Craig H. Rowland
Covert Shells (2002) -J. Christian Smith
Covertly bypassing the Firewall -Lordloki
Data Exfiltration and Covert Channels (2006) -A. Giani, V.H. Berk, G.V. Cybenko
Data Hiding in Identification and Offset IP Fields (2005) -E. Cauich, R. Gomez Cardenas, R. Watanabe
Detecting NUSHU Covert Channels Using Neural Networks (2005) -E. Tumoian, M. Anikeev
Detection of Covert Channel Encoding in Network Packet Delays (2005) -V. Berk, A. Giani, G. Cybenko
Detecting HTTP Tunneling Activities (2002) -D.J. Pack, W. Streilein, S. Webster, R. Cunningham
The Dining Freemasons (2005) -M. Bond, G. Danezis
Discussion of a Statistical Channel (1994) -Ira S. Moskowitz, Myong H. Kang
DNS Tunnel - through bastion hosts (1998) -Oskar Pearson bugtraq@netspace.org
Eliminating Steganography in Internet Traffic with Active Wardens (2002) -G. Fisky, M. Fisk, C. Papadopoulos, J. Neil
Embedding Covert Channels into TCP/IP (2005) -S.J. Murdoch, S. Lewis
Eraser: An Exploit - Specific Monitor to Prevent Malicious Communication Channel (2004) -A. Singh
Establishing Big Brother using covert channels and other covert techniques (1997) -Y. Desmedt
HICCUPS: Hidden Communication System for Coruppted Networks (2003) -K. Szczypiorski
Quantifying Information Flow (2002) -Gavin Lowe
Information Hiding - a Survey (1999) -Fabien A. P. Petitcolas, Ross J. Anderson, Markus G. Kuhn - Proceedings of the IEEE
Infranet: Circumventing Web Censorship and Surveillance (2002) -Nick Feamster, Magdalena Balazinska, Greg Harfst, Hari Balakrishnan, David Karger MIT Laboratory for Computer Science
IP Checksum Covert Channels and Selected Hash Collision (2001) -Christopher Abad
IP covert timing channels: design and detection (2004) -S. Cabuk, C. E. Brodley, C. Shields
Keyboards and Covert Channels - JitterBugs [ext] (2006) -G. Shah, A. Molina and M. Blaze
Legitimate Sites as Covert Channels -Errno Jones
Malacious ICMP Tunneling : Defense Against the Vulnerability [icmp_mon.tar.gz] (2003) -A. Singh, O. Nordstrom, C. Lu, A. L M dos Santos
Messaging over IPv6 Destination Options [j6p.tar.bz2] (2003) -Thomas Graf
New Constructive Approach to Covert Channel Modeling and Channel Capacity Estimation (2005) -Z. Wang, R. Lee
New covert channels in HTTP: adding unwitting Web browsers to anonymity sets (2003) -M. Bauer
Placing Backdoors Through Firewalls [rwwwshell-2.0.tar.gz] -van Hauser / THC
Practical Data Hiding in TCP/IP (2002) -K. Ahsan, D. Kundur
Project Loki (1996) -daemon9 for Phrack Magazine
Project Loki 2 (1997) -daemon9 for Phrack magazine
Protocol Hopping Covert Channels (2007) -S. Wendzel
The Implementation of Passive Covert Channels in the Linux Kernel [nushu.tar.gz] (2004) -Joanna Rutkowska for CCC 2004
The Pump: A Decade of Covert Fun (2005) -M.H. Kang, I.S. Moskowitz, S. Chincheck
Quasi-Anonymous Channels (2003) -I. Moskowitz, R. Newman, P. Syverson
Research Report: Covert Channels 2005/2006 (2006) -M. Smeets, M. Koot
Real-Time Steganography with RTP (2007) -I)ruid
Rootshell with icmp_rcv() Hooking -sedn4[at]blackangels.it
The b2/c3 problem: how big buffers overcome covert channel cynicism in trusted database systems (1994) -J. McDermott
Sistema de deteccao de backdoors e canais dissimulados (2005) -C.H. P.C. Chaves, A. Montes
Using Spam As A Vector Of Back Door Communication (2003) -Vision Through Sound
Scenarios and Covert channels: another game... (2004) -L. Helouet, M. Zeitoun, A. Degorre
Simple Timing Channels (1994) -Ira S. Moskowitz, Allen R. Miller
Stealth Attack Against Personal Firewalls (2002) -Brian McWilliams for Newsbytes
Syntax and Semantics-Preserving Application-Layer Protocol Steganography (2004) -N. Lucena, J. Pease, P. Yadollahpour, S. J. Chapin
Thinking About Firewalls -Marcus J. Ranum
Web Tap : Detecting Covert Web Traffic (2004) -K. Borders, A. Prakash
~Whispers On The Wire~ Network Based Covert Channels Exploitation & Detection -Pukhraj Singh
XSS Tunneling (2007) -Ferruh Mavituna

Security and Computer systems

The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments (1998) -Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, John F. Farrell
Departement of Defense Trusted Computer system evaluation criteria - 5200.28-STD (1985) - DoD standard
Extension to 5200.28-STD to trusted network systems and components. (1987) - National Computer Security Center

RFCs

RFC 2109 : HTTP State Management Mechanism (1997)
RFC 2616 : Hypertext Transfer Protocol -- HTTP/1.1 (1999)
RFC 3093 : Firewall Enhancement Protocol (FEP) (2001)




GNU  GNU General Public License
 GNU Free Documentation License
IRC://irc.gray-world.net:6677/gray-world.net
CHANGELOG, MIRRORS, LEGAL NOTICE