I have to do a networking programming project for a class of mine, and I'm looking for suggestions. If I decide to use your idea, I can almost guarantee you'll get the program and source code when I'm done.

The plan is to do something that hasn't been done before. To give an example, I was originally thinking of a session hijacker for high-level protocols (for example, hijacking an AIM connection/conversation, etc.). However, that's not suitable for an academic project (too malicious).

I would probably be able to choose the language, in which case it would probably be C++

Keep in mind that this can be something from scratch or an add-on (like a substantial new toolbar for IE, etc.)

Hello,

what about an atempt at detection of covert channels ?

atempt, of course, there is so many way to do the stuff....

just an idea

Regards
FoolFox

If there were popular uses of covert channels and I could target one or two types of things to monitor, then maybe. But, as you said, there are sooooo many different possible covert channels, I think it would be like searching for a needle in a haystack. Thanks for suggesting it, though!

Out of sheer ignorance:

I know only the very basic of networking, but because of my profession, I am an expert on creating outlandish ideas:

Implement a secure data transmission protocol in which the data is transmitted and listened through ports at a pseudorandom fashion. Perhaps simultaneously and in parallel, through several ports at the time. It will switch ports on the fly during transmission based on encrypted stubs attached to the previous set of packets. It would take a hell of a packet sniffer to follow and reconstruct the transmission of encrypted data, given the high level of noise from network traffic.

I know firewalls would go crazy, but you could limit the range of ports to a limited subset.

Does it sound nuts enough?

i agree, that is an interesting idea. however, if the packets are already encrypted, why bother playing with ports if the packet sniffer can't (theoretically) decrypt them or understand them anyway?