Originally Posted by
smahdi1991
Ive reading some article about covert channel
and their were clear in explanation.but there is something i think is missing in their article.if an Adversary want to send an anonymous data in a covert channel(for example in tcp or ip or icmp unused fields) ,it will be OK and firewall cant detect it ,but they can find the destination ip and already found the attacker ,am i right?
then why they say detect a covert channel is difficult?and how an attacker use covert channel while its destination ip address is reveal for firewall?