Covert channels have been a big problem for years. Recently applied in Electronic Voting System can threaten Democracy. I've found a nice software in order to understand how covert channels can work. I've downloaded it here and I've just tried how it works. As usually just few screens shots.
The first MAC is 10.0.0.12 and the second one is 10.0.0.13
Opening an easy nc connection in both MAC.
Writing something in the first nc shell (10.0.0.12) the message will be forwarded into the second nc shell using covert channels. But following the Tao suggestion what's happening in our communication ? The communication starts in that way. An easy Http GET with cookies stetted "this is a string \r\n", the exact data that I've pushed on first nc shell (10.0.0.12)
The right answer from 10.00.13
The Answer from second nc shell (10.0.0.13) is forwarded to second nc shell (10.0.0.12) using another cover channel
Whit the relative data !
It's a very easy example of two different covert channels, the first one using a cookies in tx and the other sending tcp data back. I think this example should be really useful for teaching purpose. Maybe could be interesting improve-it using different channels and protocols and upgrading the communication level with a strong data encryption in order to hide written data. Should also be interesting building a kernel based implementation upgrading modern distributions.