A covert channel is a communication channel that violates a security policy by using shared resources in ways for which they were not initially designed (Cabuk, 2009). A storage covert channel involves a location to which the covert channel sender writes and from which the receiver reads. A timing covert channel is established when the sender can modulate the receivers response time in a way that can provide information. An excellent example of covert storage channels in a well known application is the ICMP error message echoing functionality. Due to ambiguities in the ICMP RFC, many IP implementations use the memory within the packet for storage or calculation. For this reason, certain fields of certain packets, such as ICMP error packets which echo back parts of received messages -- may contain flaws or extra information which betrays information about the identity of the target operating system. This information is then used to build up evidence to decide the environment of the target (Covert Storage Channel, cwe.mitre.org) . This is the first crucial step in determining if a given system is vulnerable to a particular flaw and what changes must be made to malicious code to mount a successful attack.