A covert channel attack is initiated by using an existing information channel to transfer objects from one source to another without the knowledge of the user. Since the system or information channel was not originally built for such communication or conveyance of information, hackers transfer the data in small bits to keep the attack unnoticed.
The data is embedded in the free space available in a data stream without affecting the main body of information being transferred. The space used for creating a covert channel may be the free space left within the padding or other parts of the network data packets. Usually, only 1-2 bits of the covert data stream are added to each data packet, which makes the attack difficult to detect. As the original data is not tampered with, the covert receiver can receive information from the system without creating a data trail.
Covert channels are of two types:
- Covert Time Channel: A system signals information over a network channel by manipulating its own system resources, which affects the real response time observed by the original network.
- Covert Storage Channel: One system directly or indirectly embeds data in a storage location, and another system at a different security level directly or indirectly reads this data.
Using DNS As A Covert Channel
To create a covert channel, an attacker installs malware or a specially designed program on the victim’s system, via malicious links or by using remote administration, to alter its DNS. The altered DNS is configured to serve random text in addition to website information. It behaves normally under usual conditions, but acts as per the covert channel program for a special domain. The flow of information between the DNS and the malware follows the normal client-server architecture. The malware plays the role of the second component of the covert channel. It sends DNS requests which look legitimate. The compromised DNS responds to these requests with hidden key information. The covert receiver extracts this hidden information. Thus, a covert channel uses a fully functional authorized system to transfer unauthorized information in a secretive manner.
Covert channel attacks make use of simple forms like a file or the time used for computation, which makes it difficult to identify these attacks. Two techniques that are commonly used for detection of covert channels are analyzing the resources of a system and careful review of the source code.
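The DNS behaviour described above (a server that answers queries for one special domain with varying text) leaves a pattern a defender can look for in resolver logs. The following is an added example, not code from the original article; the log format, thresholds, domain names and the naive two-label base-domain rule are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample resolver log: (client, query name, record type, answer).
SAMPLE_LOG = [
    ("10.0.0.5", "www.example.com", "A", "192.0.2.10"),
    ("10.0.0.5", "example.com", "TXT", "v=spf1 include:_spf.example.net ~all"),
    ("10.0.0.7", "example.com", "TXT", "v=spf1 include:_spf.example.net ~all"),
    ("10.0.0.9", "a1.updates.example.org", "TXT", "QUJDREVGR0hJSktMTU5PUA=="),
    ("10.0.0.9", "a2.updates.example.org", "TXT", "MTIzNDU2Nzg5MGFiY2RlZg=="),
    ("10.0.0.9", "a3.updates.example.org", "TXT", "QUJDREVGR0hJSktMTU5PUQ=="),
    ("10.0.0.9", "a4.updates.example.org", "TXT", "QUJDREVGR0hJSktMTU5PUg=="),
]

# Answer that is nothing but one long base64-style token (no words, no spaces).
BLOB = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

def base_domain(qname):
    # Assumption: last two labels; a real deployment would use a public-suffix list.
    return ".".join(qname.lower().rstrip(".").split(".")[-2:])

def suspicious_txt_domains(log, min_distinct=3, min_blob_ratio=0.8):
    """Flag domains whose TXT answers keep changing and look like encoded data.

    Legitimate TXT records (SPF, site verification) are stable across queries,
    so many distinct blob-like answers for one domain is worth investigating.
    """
    answers = defaultdict(list)
    clients = defaultdict(set)
    for client, qname, rtype, answer in log:
        if rtype != "TXT":
            continue
        domain = base_domain(qname)
        answers[domain].append(answer)
        clients[domain].add(client)

    findings = {}
    for domain, texts in answers.items():
        distinct = len(set(texts))
        blob_ratio = sum(1 for t in texts if BLOB.fullmatch(t)) / len(texts)
        if distinct >= min_distinct and blob_ratio >= min_blob_ratio:
            findings[domain] = {
                "clients": sorted(clients[domain]),
                "distinct_answers": distinct,
                "blob_ratio": blob_ratio,
            }
    return findings

if __name__ == "__main__":
    for domain, info in suspicious_txt_domains(SAMPLE_LOG).items():
        print(domain, info)
```

A hit is a lead for investigation, not proof; the thresholds need tuning against the normal TXT traffic of the network being monitored.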
For more information on tips to secure your computer network, contact Centex Technologies at (972) 375 - 9654.
The ever increasing number of internet users has provided cyber criminals an opportunity to exploit the vulnerabilities in the computer systems. As people constantly rely on the digital world for work, gaming, social networking, recreation and other such purposes, there has been a massive upsurge in the malware threats. It is important to detect the infection in order to protect your computer and prevent such attacks in future.
Given below are some warning signs that may indicate that your computer is malware infected:
- Slow Computer: If your computer has been infected by malware, it may slow down the speed of the system, internet and programs. However, make sure you rule out other potential causes of a slow computer, such as resource-heavy applications, a fragmented system, lack of hard disk space or RAM etc.
- Unwanted Pop-Ups: Unexpected pop-up advertisements that appear on your computer system are one of the most annoying signs of a malware infection. In some cases, these pop-ups may appear even if you are not connected to the internet. When the user clicks on a pop-up, it may redirect him to a fake website or download more malware on the system. Make sure you do not click on any of these ads or answer any survey questions.
- Unexpected System Crashes: A malware infected computer may crash unexpectedly and quite frequently as well as switch to the BSOD (blue screen of death). However, the problem may also appear due to a technical problem in the computer, such as the lack of latest drivers or incompatible programs running on the system. If this is not the case, you should immediately scan your computer to identify any malicious program or file.
- Random Network Activity: Another sign of a malware infection is the constant blinking of the router, indicating a high level of network activity even when you are not running a heavy program or uploading/downloading any files. It may be possible that your system has been hacked and controlled by a remote administrator.
- Lack Of Storage Space: Several types of malware are designed to manipulate files on the infected computer and fill up the space available on the hard drive. If any of your files stored in your computer system have been deleted, modified or you find any unknown programs that you didn’t install, it indicates a malware infection.
- Disabled Security Software: In order to avoid detection, many malware programs disable the security software installed on your computer. Hence, your computer does not have the necessary tools to identify and eliminate the malware. In some cases, you may also receive security warnings or threat alerts from antivirus programs that you never installed on the system.
We, at Centex Technologies, provide internet security solutions in Dallas, TX. For more information, you can call at (972) 375 – 9654.
Smartphones, tablets and other mobile devices have become an important part of life for most people. Though these technologically advanced gadgets have provided a great deal of convenience, there are several threats that come along. With sending emails, shopping and doing banking on the move, your personal information has become more vulnerable than ever.
Given here are some of the best practices to keep your mobile devices secure:
- Keep Your Device Updated: The first line of defense against security threats is to keep your mobile devices updated with the latest software. Check for updates regularly and download the apps only from credible sources. You must also keep your device properly patched against known vulnerabilities.
- Encrypt Data: There is a lot of sensitive information stored on your mobile device, such as official emails, contact numbers, passwords etc. In order to keep everything safe, it is best to store the data in an encrypted form. This will make sure that if the device is stolen, the thief will not be able to access the information stored therein.
- Remote Wipe: These apps enable you to erase all the data in case the device gets stolen or lost. You can remotely wipe off all the stored contacts, images and other important data from another system. However, these apps work only if the mobile device is turned on and receiving a network signal.
- Lock The Device: Enable built-in screen lock features in all your mobile devices. Make sure you employ strong passwords to block unwanted access. You can also use the auto-lock feature in which the device will automatically lock itself after a certain period of time and require a password to be unlocked.
- Avoid Using Open Wi-Fi Networks: You must not use public Wi-Fi networks, particularly those that do not require a password to connect. Such a network might be set up to initiate an attack on your device. Avoid logging into any secure websites while using a free Wi-Fi hotspot.
- Be Careful With Bluetooth: Many mobile devices come with a default setting to switch on Bluetooth. This enables the users nearby to detect your device and potentially, connect to it. To avoid this, turn off Bluetooth when you are not using it or alter its security settings so that it is visible only to already connected devices.
For more tips on how to keep your mobile devices safe and secure, contact Centex Technologies at (972) 375 – 9654.