script:x509_ext_c2
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
script:x509_ext_c2 [2018/02/08 23:59] – [The Full Text Search FTS Document] veera | script:x509_ext_c2 [2018/02/09 00:00] – [Detecting covert channels in X.509 Digital Certificates using the Trisul LUA API] veera | ||
---|---|---|---|
Line 5: | Line 5: | ||
In this technique the covert channel is built by stuffing chunks of data into X.509 Certificate Extensions, in this case the " | In this technique the covert channel is built by stuffing chunks of data into X.509 Certificate Extensions, in this case the " | ||
- | Detecting this is quite easy with Trisul as well as Bro IDS. This post highlights the different approaches taken. | + | Detecting this is quite easy with [[https:// |
===== Trisul vs Bro approaches to the same problem | ===== Trisul vs Bro approaches to the same problem |
script/x509_ext_c2.txt · Last modified: 2024/06/05 10:49 by thiyagu