private-sector keystroke logger...
Perry E. Metzger
perry at wasabisystems.com
Tue Nov 27 15:41:40 EST 2001
Derek Atkins <warlord at MIT.EDU> writes:
> Hrm, how about a worm with a built-in HTTP server that installs itself
> on some non-standard port, say TCP/28462 (to pick one at random)?
Too easy to detect. Encrypt the key in some key known only to the
attacker, and start leaking little bits of it in things like tweaks to
tcp timings or selections of tcp client port numbers or initial
sequence numbers and such. Very hard to detect something like that
with network sniffing.
--
Perry E. Metzger perry at wasabisystems.com
--
NetBSD Development, Support & CDs. http://www.wasabisystems.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list