A program called NCovert uses spoofing techniques to hide the source of communications and the data that travels over the network–a potential boon to both privacy advocates and hackers, said Mark Lovelace, senior security researcher for network protection firm BindView, who unveiled the program Thursday at the Black Hat Briefings security conference here.
“I am not going to beat around the bush,” Lovelace said. “If you have something to hide, you would use this–so it could help black hats (criminal hackers).”
The technique essentially creates a covert channel for communications by hiding four characters of data in the header's initial sequence number (ISN) field. The header is the part of data packets that tells network hardware and servers how to handle the information. The header also includes source and destination Internet protocol (IP) addresses. Those addresses are used to add anonymity to the communications. [Privacy Digest]