Covert channels in the TCP/IP protocol suite

  • Craig H. Rowland
Keywords: encoding information in a TCP/IP header, manipulation of the IP identification field, initial sequence number field, TCP acknowledge sequence number field bounce, protection, detection, covert_tcp program, article


The TCP/IP protocol suite has a number of weaknesses that allow an attacker to leverage techniques in the form of covert channels to surreptitiously pass data in otherwise benign packets. This paper attempts to illustrate these weaknesses in both theoretical and practical examples.
How to Cite
Rowland, C. H. (1997). Covert channels in the TCP/IP protocol suite. First Monday, 2(5).