
and bypassing firewalls is an excellent way to get into BIG trouble with whomever is running the firewall. It is irrelevant how ignorant that person might be about the traffic which passes through their firewall. I'm sure if they were only slightly less ignorant they'd run a strict HTTP gateway on port 80 of their firewall and then you'd be stuck wrapping everything up to look like proper HTTP in order to bypass their firewall. It is better that you learn to negotiate the access you need than to have to resort to using covert channels which could get you busted.
Steno is a great thing, so it won't get anyone busted.
Alex

Steganography looked great in that Hollywood movie Along Came a Spider with Morgan Freeman (or at least the 'screen friendly' version they portrayed) but a recent study of millions of graphics across USENET found zero steganographic images. Great theory, no examples found in the wild, other than in Hollywood scripts and some folk trading porn of the type not usually posted to the public Internet.
Anyone interested may try: http://www.earthweb.com/article/0,,10456_624101,00.html
Just my 2¢.
Best regards,
_________________________
Alan Rowland

-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of alex@yuriev.com
Sent: Tuesday, September 10, 2002 12:15 PM
To: Greg A. Woods
Cc: nanog@merit.edu
Subject: Re: How do you stop outgoing spam?
and bypassing firewalls is an excellent way to get into BIG trouble with whomever is running the firewall. It is irrelevant how ignorant that person might be about the traffic which passes through their firewall. I'm sure if they were only slightly less ignorant they'd run a strict HTTP gateway on port 80 of their firewall and then you'd be stuck wrapping everything up to look like proper HTTP in order to bypass their firewall. It is better that you learn to negotiate the access you need than to have to resort to using covert channels which could get you busted.
Steno is a great thing, so it won't get anyone busted.
Alex

Steganography looked great in that Hollywood movie Along Came a Spider with Morgan Freeman (or at least the 'screen friendly' version they portrayed) but a recent study of millions of graphics across USENET found zero steganographic images. Great theory, no examples found in the wild, other than in Hollywood scripts and some folk trading porn of the type not usually posted to the public Internet.
Steno principles are alive and well. Covert channel transmissions are alive and well. Both were used to bypass compartmentalization on a certain secure OS. If anyone needs to encode data in valid HTML to tunnel it through a firewall, it *will* be done. Several years ago, we had implementations of telnet over email; I am sure modifying it to do telnet over HTML would be a rather trivial task.
Alex

On Tue, Sep 10, 2002 at 12:45:01PM -0700, Al Rowland wrote:
Steganography looked great in that Hollywood movie Along Came a Spider with Morgan Freeman (or at least the 'screen friendly' version they portrayed) but a recent study of millions of graphics across USENET found zero steganographic images. Great theory, no examples found in the wild, other than in Hollywood scripts and some folk trading porn of the type not usually posted to the public Internet.
I was going to stay out of this one, but then this came along. It is trivially easy to encrypt, transpose, or otherwise bury the message inside an image, or what have you. If I use a PRNG, prearrangement, or some other selection method to decide which bytes, or which files, or some combination of both will receive a chunk of the data to be hidden, and then encrypt it with a decent enough algorithm, it will not be easy to determine there is something there at all, particularly in a medium like USENET where lots and lots of large binary postings are common.
Just because someone ran through a pile of images using jpegv4 with the jsteg patches, or some similar commercial application, does not mean it wasn't there -- it just means it wasn't obviously there. I myself have encrypted my PGP key's revocation certificates and buried them in some images on a website as a fallback storage method.
Is it widely used? Probably not. Is it safe to say it's not being used on the basis of a quick check with an off-the-shelf utility or two? No.
--msa
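
The detection limit described in the message above, as an added example that is not part of the original post: a simplified pairs-of-values chi-square check (the histogram idea behind quick LSB scanners) run over a constructed cover, a sequentially embedded copy, and a copy with the same payload at PRNG-chosen positions. The cover data, the `THRESHOLD` value, and all function names are assumptions made for this illustration.

```python
import random

THRESHOLD = 3.0  # assumed cut-off: ratios below this are reported as "LSB embedding likely"

def pov_ratio(samples):
    """Chi-square over value pairs (2k, 2k+1), divided by the number of pairs used.

    LSB replacement with random-looking bits equalises the two counts in each
    pair, so the ratio drops to about 1; untouched data scores much higher.
    """
    hist = [0] * 256
    for s in samples:
        hist[s] += 1
    stat, pairs = 0.0, 0
    for k in range(0, 256, 2):
        total = hist[k] + hist[k + 1]
        if total < 10:  # too few samples in this pair to say anything
            continue
        stat += (hist[k] - hist[k + 1]) ** 2 / total
        pairs += 1
    return stat / pairs if pairs else float("inf")

def embed(cover, bits, positions):
    """Replace the least significant bit at each chosen position."""
    stego = list(cover)
    for pos, bit in zip(positions, bits):
        stego[pos] = (stego[pos] & ~1) | bit
    return stego

def demo(seed=2002):
    rng = random.Random(seed)
    n, window = 400_000, 40_000
    # Constructed cover: sample values with an uneven histogram.
    cover = [min(255, max(0, round(rng.gauss(128, 6)))) for _ in range(n)]
    bits = [rng.getrandbits(1) for _ in range(window)]  # stands in for ciphertext
    variants = {
        "cover": cover,
        "sequential": embed(cover, bits, range(window)),
        "scattered": embed(cover, bits, rng.sample(range(n), window)),
    }
    # The scanner only looks at the first `window` samples, as a quick check would.
    return {name: pov_ratio(data[:window]) for name, data in variants.items()}

def flagged(ratio):
    return ratio < THRESHOLD

if __name__ == "__main__":
    for name, ratio in demo().items():
        print(f"{name:10s} ratio={ratio:6.2f} flagged={flagged(ratio)}")
```

The sequential copy is flagged while the scattered copy scores close to the clean cover, so a negative result from this kind of scan says little about scattered, low-rate embedding.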

On Tue, Sep 10, 2002 at 12:45:01PM -0700, Al Rowland wrote:
Steganography looked great in that Hollywood movie Along Came a Spider with Morgan Freeman (or at least the 'screen friendly' version they portrayed) but a recent study of millions of graphics across USENET found zero steganographic images. Great theory, no examples found in the wild, other than in Hollywood scripts and some folk trading porn of the type not usually posted to the public Internet.
Well, I wouldn't say that. There is an EXTENSIVE trade of some unknown data going to and from Asia (primarily Japan and China) through various forms of steganography in jpg, png and gif images on free web hosting services. I can personally account for over 5Gbps (every day) of this traffic just from people I know, which I would hardly consider to be "everyone".
I've managed to reconstruct the data from pieces of scripts they have accidentally left behind, and come up with encrypted .zip files. Left a zip cracker running on a 1GHz machine for a couple months and came up with no results.
I'm not gonna take any guesses as to the content, but I can tell you that they are very diversified, very persistent (you filter one route or transit path and they'll have moved to another within hours), and very innovative in hiding the data so that you can't detect what they're doing short of looking at every picture.
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
participants (4)
- Al Rowland
- alex@yuriev.com
- Majdi S. Abbas
- Richard A Steenbergen