Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks

( 3 )

Overview

There are many ways that a potential attacker can intercept information, or learnmore about the sender, as the information travels over a network. Silence on the Wireuncovers these silent attacks so that system administrators can defend against them,as well as better understand and monitor their systems.

Silence on the Wire dissects several unique and fascinating security andprivacy problems associated with the technologies and protocols used in everydaycomputing, and shows how ...

See more details below
Paperback
$25.93
BN.com price
(Save 35%)$39.95 List Price

Pick Up In Store

Reserve and pick up in 60 minutes at your local store

Other sellers (Paperback)
  • All (35) from $1.99   
  • New (15) from $6.01   
  • Used (20) from $1.99   
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK
  • NOOK HD/HD+ Tablet
  • NOOK
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$17.99
BN.com price
(Save 43%)$31.95 List Price

Overview

There are many ways that a potential attacker can intercept information, or learnmore about the sender, as the information travels over a network. Silence on the Wireuncovers these silent attacks so that system administrators can defend against them,as well as better understand and monitor their systems.

Silence on the Wire dissects several unique and fascinating security andprivacy problems associated with the technologies and protocols used in everydaycomputing, and shows how to use this knowledge to learn more about others or tobetter defend systems. By taking an indepth look at modern computing, from hardwareon up, the book helps the system administrator to better understand security issues,and to approach networking from a new, more creative perspective. The sys admin canapply this knowledge to network monitoring, policy enforcement, evidence analysis,IDS, honeypots, firewalls, and forensics.

Written by a well-known figure in the security/hacking community, this book stimulates readers to think more creatively about security problems and focuses on non-trivial and significant problems, not hype. The captivating narrative examines the journey of a packet of information, from input to destination, the secrets it divulges, and the security problems it faces along the way.

Read More Show Less

Product Details

  • ISBN-13: 9781593270469
  • Publisher: No Starch Press San Francisco, CA
  • Publication date: 4/28/2005
  • Edition number: 1
  • Pages: 312
  • Sales rank: 697,545
  • Product dimensions: 7.10 (w) x 9.24 (h) x 0.85 (d)

Meet the Author

Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.

Read More Show Less

Table of Contents

Dedication;
Foreword;
Introduction;
A Few Words about Me;
About This Book;
The Source;
Chapter 1: I Can Hear You Typing;
1.1 The Need for Randomness;
1.2 The Security of Random Number Generators;
1.3 I/O Entropy: This Is Your Mouse Speaking;
1.4 Entropy Is a Terrible Thing to Waste;
1.5 Attack: The Implications of a Sudden Paradigm Shift;
1.6 Food for Thought;
Chapter 2: Extra Efforts Never Go Unnoticed;
2.1 Boole’s Heritage;
2.2 Toward the Universal Operator;
2.3 Toward the Material World;
2.4 A Nonelectric Computer;
2.5 A Marginally More Popular Computer Design;
2.6 From Logic Operators to Calculations;
2.7 From Electronic Egg Timer to Computer;
2.8 Turing and Instruction Set Complexity;
2.9 Implications: Subtle Differences;
2.10 In Practice;
2.11 Prevention;
2.12 Food for Thought;
Chapter 3: Ten Heads of the Hydra;
3.1 Revealing Emissions: TEMPEST in the TV;
3.2 Privacy, Limited;
Chapter 4: Working for the Common Good;
Safe Harbor;
Chapter 5: Blinkenlights;
5.1 The Art of Transmitting Data;
5.2 The Implications of Aesthetics;
5.3 Building Your Own Spy Gear . . .;
5.4 . . . And Using It with a Computer;
5.5 Preventing Blinkenlights Data Disclosure—and Why It Will Fail;
5.6 Food for Thought;
Chapter 6: Echoes of the Past;
6.1 Building the Tower of Babel;
6.2 The Missing Sentence;
6.3 Food for Thought;
Chapter 7: Secure in Switched Networks;
7.1 Some Theory;
7.2 Attacking the Architecture;
7.3 Prevention of Attacks;
7.4 Food for Thought;
Chapter 8: Us versus Them;
8.1 Logical Blinkenlights and Their Unusual Application;
8.2 The Unexpected Bits: Personal Data All Around;
8.3 Wi-Fi Vulnerabilities;
Out in the Wild;
Chapter 9: Foreign Accent;
9.1 The Language of the Internet;
9.2 Internet Protocol;
9.3 Beyond Internet Protocol;
9.4 User Datagram Protocol;
9.5 Transmission Control Protocol Packets;
9.6 Internet Control Message Protocol Packets;
9.7 Enter Passive Fingerprinting;
9.8 Passive Fingerprinting in Practice;
9.9 Exploring Passive-Fingerprinting Applications;
9.10 Prevention of Fingerprinting;
9.11 Food for Thought: The Fatal Flaw of IP Fragmentation;
Chapter 10: Advanced Sheep-Counting Strategies;
10.1 Benefits and Liabilities of Traditional Passive Fingerprinting;
10.2 A Brief History of Sequence Numbers;
10.3 Getting More Out of Sequence Numbers;
10.4 Delayed Coordinates: Taking Pictures of Time Sequences;
10.5 Pretty Pictures: TCP/IP Stack Gallery;
10.6 Attacking with Attractors;
10.7 Back to System Fingerprinting;
10.8 Preventing Passive Analysis;
10.9 Food for Thought;
Chapter 11: In Recognition of Anomalies;
11.1 Packet Firewall Basics;
11.2 The Consequences of Masquerading;
11.3 Segment Size Roulette;
11.4 Stateful Tracking and Unexpected Responses;
11.5 Reliability or Performance: The DF Bit Controversy;
11.6 Food for Thought;
Chapter 12: Stack Data Leaks;
12.1 Kristjan’s Server;
12.2 Surprising Findings;
12.3 Revelation: Phenomenon Reproduced;
12.4 Food for Thought;
Chapter 13: Smoke and Mirrors;
13.1 Abusing IP: Advanced Port Scanning;
13.2 Defense against Idle Scanning;
13.3 Food for Thought;
Chapter 14: Client Identification: Papers, Please!;
14.1 Camouflage;
14.2 A (Very) Brief History of the Web;
14.3 A HyperText Transfer Protocol Primer;
14.4 Making HTTP Better;
14.5 Uncovering Treasons;
14.6 Prevention;
14.7 Food for Thought;
Chapter 15: The Benefits of Being a Victim;
15.1 Defining Attacker Metrics;
15.2 Protecting Yourself: Observing Observations;
15.3 Food for Thought;
The Big Picture;
Chapter 16: Parasitic Computing, or How Pennies Add Up;
16.1 Nibbling at the CPU;
16.2 Practical Considerations;
16.3 Parasitic Storage: The Early Days;
16.4 Making Parasitic Storage Feasible;
16.5 Applications, Social Considerations, and Defense;
16.6 Food for Thought;
Chapter 17: Topology of the Network;
17.1 Capturing the Moment;
17.2 Using Topology Data for Origin Identification;
17.3 Network Triangulation with Mesh-Type Topology Data;
17.4 Network Stress Analysis;
17.5 Food for Thought;
Chapter 18: Watching the Void;
18.1 Direct Observation Tactics;
18.2 Attack Fallout Traffic Analysis;
18.3 Detecting Malformed or Misdirected Data;
18.4 Food for Thought;
Closing Words;
Bibliographic Notes;
;
Updates;

Read More Show Less

Customer Reviews

Average Rating 4.5
( 3 )
Rating Distribution

5 Star

(2)

4 Star

(1)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 3 Customer Reviews
  • Posted April 6, 2009

    more from this reviewer

    The most interesting security-related book I've read since Schneier's "Applied Cryptography"

    Before I bought this book I had seen some of Zalewski's work: his museum of broken packets and his famous Mozilla Firefox vulnerability reports. Because of that, I suspected Zalewski's book would be worth reading. Well, It actually turned out to be much more than that.

    Silence on the wire is an awesome book, clearly targeted for security enthusiasts. In its 18 chapters, it shows many different (and often undetectable) ways in which an attacker can obtain useful information just by watching the way your systems behave. Did you know that in some cases it's possible to determine an attacker's system clock time that is port-scanning one of your boxes? Did you know that there are ways to identify decoys and spoofed packets? Or that you can recover the information being transmitted by a modem just by observing its LEDs? Reading the book you may find that your Ethernet card is leaking kernel-space information, that your system's pseudo-random-number-generator is not that random but totally predictable or that someone is remotely port-scanning your server while all you can see are incoming TCP SYN packets coming from a trusted box.

    Every chapter starts with an introduction, then discusses one or more attack vectors and finally gives some "food for thought", this is, ideas for further research or further paranoia. Sometimes those introductions are longer than they should but at the same time they provide the background required to understand what comes next. For every chapter, the book also includes a list of references to relevant papers, specifications or research projects.

    It is true that the book is 5 years old, but believe me, I didn't find a single line that was outdated. Hey, the book even talks about the recent Kaminsky's DNS vulnerability research and it was published 4 years before it became public! Its fair to say that some of the techniques explained in the book are difficult to use in real world situations but still, they will give you an idea of all the threats you are exposed to. Things can sometimes get scary...

    Honestly, I highly recommend this book for anyone that enjoys network security from a technical point of view, anyone that has to protect critical systems against skilled attackers, or anyone that is interested on knowing how much can someone know about a computer system just using passive and undetectable techniques. I think this is the most interesting security-related book I've read since Schneier's "Applied Cryptography".

    1 out of 1 people found this review helpful.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted May 17, 2005

    a reductionist scrutiny

    Makes you ponder. 'Silence' is not a book about using the latest version of an IDS like Nessus, where you get tons of detail about all its abilities. Instead, Zalewski goes back to the basics of IP and TCP. Much of the book revolves around low level fields in the IP or TCP headers. And how different operating systems often have different policies about filling these fields. A Microsoft OS and a Unix OS would initialise a TTL with different values. So what? Well, a passive surveillance of traffic might give a reasonable guess as to the OS, based on observed TTLs coming from that machine. Other aspects also come under similar reductionist scrutiny. Some of you with a maths background might appreciate the book's analysis of the pseudo random number generators using in making sequence numbers. There are 3 dimensional plots of these outputs, which show very different shapes for different OSs. More importantly, most do not exhibit good randomness. Zalewski eloquently demonstrates these shortcomings.

    1 out of 1 people found this review helpful.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted May 6, 2009

    No text was provided for this review.

Sort by: Showing all of 3 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)