@@ -15,15 +15,18 @@ The basic setup:
/|\ ---------| active Server | <== covert channel ==> | passive Server |--------- /|\
\\ | | | | //
----------------- ------------------
- ||
- client connection
- ||
- E ----------
- o | |
- /|\ | Client |
- \\ | |
- ----------
+ || ||
+ client connection client connection
+ || ||
+ E ---------- ---------- F
+ o | | | | o
+ /|\ | Client | | Client | /|\
+ \\ | | | | //
+ ---------- ----------
```
-A views the website of B on Port p and produces traffic between them. E knows that and sets up two servers. The active server is the server E which will be used to send a file to the passive server.
-E sets the target IP on the active server side to the IP of A and teh target IP on the passive side to the IP of B. The target Port in on both sides set to p.
-Now E connects to the active server with its client and queues a file for sending over the covert channel. The file transmission will start once A surfs on B's website again.
+E wants to send a file to F. A and E live together and B and F live together. E and F know that A will surf on B's website a lot so they decided to setup a covert channel which utilises the traffic of A and B as man in the middle.
+A surfs on the website of B on Port p and produces traffic between them. E and F set up the two servers. The active server is the server which will be used to send a file to the passive server.
+E sets the target IP on the active server side to the IP of A and F the target IP on the passive side to the IP of B. The target Port on both sides is set to p.
+Now the servers are forwarding A's and B's traffic and can add secret data to the traffic.
+E connects to the active server with his/her client and queues a file for sending over the covert channel. The file transmission will start once A surfs on B's website again. Now E and F have to wait until A produced enough traffic to transmit the file completely.
+After the file transmission finished F can downlod the file with his/her client.
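Review bot: The added paragraphs leave the end of a transfer undocumented: the last line says F can download the file "After the file transmission finished", and the line before it says E and F "have to wait until A produced enough traffic", but nothing tells the reader how F learns that the transfer is complete or what state the passive server is in if A stops surfing part way through. A sentence on how completion is signalled would close that gap. Smaller wording points in the same added lines: "downlod" should be "download", "decided to setup" should be "decided to set up", "until A produced" reads better as "until A has produced", and the target-IP sentence drops the verb for F ("and F the target IP on the passive side"); suggest "and F sets the target IP on the passive side to the IP of B".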