This is all really good advice. I think it should be published as an RFC.
On Tue, Mar 7, 2017 at 10:53 AM, Stephane Bortzmeyer <bortzmeyer(_at_)nic(_dot_)fr> wrote:
In the Vault7 leak (malware library of the CIA
<https://wikileaks.org/ciav7p1/>), there is a page giving advice to
malware authors: how to avoid leaving traces
<https://wikileaks.org/ciav7p1/cms/page_14587109.html>. Among very
good advice, it talks of the IETF:
DO use ITEF [sic] RFC compliant network protocols as a blending
layer. The actual data, which must be encrypted in transit across the
network, should be tunneled through a well known and standardized
protocol (e.g. HTTPS)
Custom protocols can stand-out to network analysts and IDS filters.