Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Author: Michal Zalewski Publisher: No Starch Press Category: Book
Media: Paperback Edition: 1 Pages: 312 Number Of Items: 1 Shipping Weight (lbs): 1.3 Dimensions (in): 9.2 x 6.9 x 1
ISBN: 1593270461 Dewey Decimal Number: 005.8 UPC: 689145704617 EAN: 9781593270469 ASIN: 1593270461
Publication Date: April 15, 2005
Editorial Reviews:
Product Description Author Michal Zalewski has long been known and respected in the hacking and security communities for his intelligence, curiosity and creativity, and this book is truly unlike anything else out there. In Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, Zalewski shares his expertise and experience to explain how computers and networks work, how information is processed and delivered, and what security threats lurk in the shadows. No humdrum technical white paper or how-to manual for protecting one's network, this book is a fascinating narrative that explores a variety of unique, uncommon and often quite elegant security challenges that defy classification and eschew the traditional attacker-victim model.
Customer Reviews:
Showing reviews 1-5 of 26
Most interesting security-related book I've read since Applied Cryptography April 6, 2009 L. Garcia (Spain.) 1 out of 1 found this review helpful
Before I bought this book I had seen some of Zalewski's work: his museum of broken packets and his famous Mozilla Firefox vulnerability reports. Because of that, I suspected Zalewski's book would be worth reading. Well, it actually turned out to be much more than that.
Silence on the wire is an awesome book, clearly targeted for security enthusiasts. In its 18 chapters, it shows many different (and often undetectable) ways in which an attacker can obtain useful information just by watching the way your systems behave. Did you know that in some cases it's possible to determine an attacker's system clock time that is port-scanning one of your boxes? Did you know that there are ways to identify decoys and spoofed packets? Or that you can recover the information being transmitted by a modem just by observing its LEDs? Reading the book you may find that your Ethernet card is leaking kernel-space information, that your system's pseudo-random-number-generator is not that random but totally predictable or that someone is remotely port-scanning your server while all you can see are incoming TCP SYN packets coming from a trusted box.
Every chapter starts with an introduction, then discusses one or more attack vectors and finally gives some "food for thought", that is, ideas for further research or further paranoia. Sometimes those introductions are longer than they should be but at the same time they provide the background required to understand what comes next. For every chapter, the book also includes a list of references to relevant papers, specifications or research projects.
It is true that the book is 5 years old, but believe me, I didn't find a single line that was outdated. Hey, the book even talks about the recent Kaminsky's DNS vulnerability research and it was published 4 years before it became public! It's fair to say that some of the techniques explained in the book are difficult to use in real world situations but still, they will give you an idea of all the threats you are exposed to. Things can sometimes get scary...
Honestly, I highly recommend this book for anyone that enjoys network security from a technical point of view, anyone that has to protect critical systems against skilled attackers, or anyone that is interested in knowing how much someone can know about a computer system just using passive and undetectable techniques. I think this is the most interesting security-related book I've read since Schneier's "Applied Cryptography".
Very untrustworthy November 6, 2008 xaman 0 out of 11 found this review helpful
Never trust a person that writes about things that he or she does not understand.
The citation below contains several very serious errors.
--------Chapter 16, Page 228 (footnote)-------
Non-polynomial (NP) problems have no known solutions of this nature [polynomial time solutions] and may require dramatically more time to solve as the input length increases, exhibiting, for example, exponential dependency. A subset of NP problems, known as NP complete, are proven to have no polynomial time solutions.
----------------------------------------------
The errors are:
1. "NP" does not mean "Non-polynomial" but "Non-deterministic Polynomial" (which are VERY different things).
2. Many NP problems do have known polynomial solutions, and it is possible that all of them have (still unknown) polynomial solutions.
3. None of the NP-complete problems have been proved to lack polynomial time solutions... Indeed, any such proof would solve the famous "P vs NP" problem, a central open problem in computer science that has an associated prize of one million dollars from the Clay Mathematics Institute.
Granted that the book is not about complexity theory, but still, how could you trust any information in the book after this?
Great reading July 23, 2008 Angeli's Mom (Miami, FL)
A must for any IT security/networking engineer. Great read, great price, informative yet entertaining.
Interesting but academic February 6, 2008 Charles G. Heaton 1 out of 2 found this review helpful
Zalewski brought up a number of interesting and very innovative security situations and possibilities. The statistical derivation of content based upon CPU utilization is something I had never even considered... but at the same time it looks like it could be more work than someone would be willing to invest. The writing style is also slightly academic. A fair amount of time is spent giving background and information about a topic when those who may see the situation will probably already understand the history. I will have to admit that this was not a page turner, but I am very happy I bought this book. It was just a little difficult to get through at times.
Zalewski deals in the minutia December 14, 2007 Kristian Erik Hermansen (San Francisco, CA USA) 2 out of 2 found this review helpful
Silence on the Wire is not your typical security book detailing the latest application exploits or generalized security trends and attack prevention. Zalewski deals in the minutia. If you were to construct a Bell Curve of security knowledge and concepts, you would need to chop out a large portion of this graph and simply include the upper threshold, in which Zalewski thrives on the seemingly unknown.
Zalewski takes a bottom-up approach. He dives right into the security of hardware design, Random Number Generation, and how this can all add up to information leakages otherwise known as security threats. If you have ever typed on a keyboard, then you may be interested in knowing what signature you are generating of yourself every time you log into that remote SSH console. Perhaps you might also be interested in the fact that simple mathematical operations, such as 2 * 100, could result in timing attacks against your algorithm, whereas 100 * 2 may not. Scary stuff.
Zalewski continues with seemingly innocuous attacks that can occur before your IP packets ever leave the local network. It is unnerving to find out just how easy (and cheap) it is to reconstruct data from those blinking lights on your network equipment, or unsanitary Ethernet frames. Have you ever given thought to how nice it was to have virtual network auto-configuration on your switches? Well, so do your foes.
Once your packets touch other nodes all across the Internet, that's when the real fun begins. If you are already familiar with the OSI Model and the TCP/IP suite, then your reading will hit a low point for the next thirty pages or so. However, when you emerge from this sand trap of common knowledge, most certainly provided to assist uninformed readers, you are met with quite worthy knowledge detailing the ability to accurately identify remote parties, who otherwise may wish to remain anonymous. Your choice of Operating System and Web Browser may help somewhat, but Zalewski shows how you can still be sniffed out even across the sea of the Internet.
Zalewski concludes the book with a brief look at the entire Internet as an aggregate system, and how subtleties of its inner-workings can be exploited by those who understand them. It never once crossed my mind to utilize carefully constructed packets for distributed computing tasks acting as Boolean operations, but one of the final topics regarding parasitic storage does appear quite attainable. Zalewski's final chapter in the book leaves us with the lesson that sometimes all you need to do to discover the minutia, is to open your eyes.
* p. 127: Figure 9-6, regarding TCP options, is incorrect.
* p. 182/183: '6,4512' should read '64,512'.
* p. 198: 'user-racking' should read 'user-tracking'.
* p. 216: 'www.rogue-severs.com' should likely read 'www.rogue-servers.com'.
* p. 233: 'recover the information he when it bounces back' should likely read 'recover the information when it bounces back'.