[51684] in Cypherpunks
Re: TCP/IP Stego (was CU-SeeMe)
daemon@ATHENA.MIT.EDU (Bill Frantz)
Fri Mar 8 16:34:28 1996
Date: Fri, 8 Mar 1996 12:58:54 -0800
To: cypherpunks@toad.com
From: frantz@netcom.com (Bill Frantz)
At 12:19 PM 3/8/96 -0800, Jim McCoy wrote:
>... The original
>technique of doing stego on packets is still valid, and by adding it in
>to a WinSock lib or linux tcp/ip implementation the user can send hidden
>messages just by connecting to a friendly stego-enhanced web server out
>on the net and doing some casual browsing.
If you can hack your TCP implementation, you should be able (with a high
probability) stego information in a few bits of the TCP checksum by
adjusting the packet boundries of the TCP stream. An error correcting code
protocol would cover the cases where you couldn't get that *%$# bit set
correctly. Please note that this technique would not result in TCP
checksum errors.
------------------------------------------------------------------------
Bill Frantz | The CDA means | Periwinkle -- Computer Consulting
(408)356-8506 | lost jobs and | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
