 | | |
| Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks | 
| Author: Michal Zalewski
Publisher: No Starch Press
Category: Book
List Price: $39.95
Buy New: $11.90
You Save: $28.05 (70%)
Buy New/Used from $8.70
Avg. Customer Rating:  (25 reviews)
Sales Rank: 204876
Format: Illustrated
Languages: English (Original Language), English (Unknown), English (Published)
Media: Paperback
Number Of Items: 1
Pages: 312
Shipping Weight (lbs): 1.3
Dimensions (in): 9.2 x 6.9 x 1
ISBN: 1593270461
Dewey Decimal Number: 005.8
UPC: 689145704617
EAN: 9781593270469
ASIN: 1593270461
Publication Date: April 15, 2005
Availability: Usually ships in 1-2 business days
|
| Similar Items:
|
| Editorial Reviews:
Product Description
There are many ways that a potential attacker can intercept information, or learn more about the sender, as the information travels over a network. Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems. Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an indepth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The sys admin can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics.
|
| Customer Reviews: Read 20 more reviews...
 Great reading July 23, 2008
A must for any IT security/networking engineer. Great read, great price, informative yet entertaining.
 Great read June 15, 2008
Nutshell review - This is a great read. Very entertaining and informative. Will really open your eyes and make you think about unusual information security issues and attack vectors.
 Interesting but academic February 6, 2008
Zalewski brought up a number of interesting and very innovative security situations and possibilities. The statistical derivation of content based upon CPU utilization, is something I had never even considered... but at the same time it looks like it could be more work than someone would be willing to invest. The writing style is also slightly academic. A fair amount of time is spent giving background and information about a topic when those who may see the situation will probably already understand the history. I will have to admit that this was not a page turner, but I am very happy I bought this book. It was just a little difficult to get through at times.
Zalewski deals in the minutia December 14, 2007
1 out of 1 found this review helpful
Silence on the Wire is not your typical security book detailing the
latest application exploits or generalized security trends and attack
prevention. Zalewski deals in the minutia. If you were to construct
a Bell Curve of security knowledge and concepts, you would need to
chop out a large portion of this graph and simply include the upper
threshold, in which Zalewski thrives on the seemingly unknown.
Zalewski takes a bottom-up approach. He dives right into the security
of hardware design, Random Number Generation, and how this can all add
up to information leakages otherwise known as security threats. If
you have ever typed on a keyboard, then you may be interested in
knowing what signature you are generating of yourself every time you
log into that remote SSH console. Perhaps you might also be
interested in the fact that simple mathematical operations, such as 2
* 100, could result in timing attacks against your algorithm, whereas
100 * 2 may not. Scary stuff.
Zalewski continues with seemingly innocuous attacks that can occur
before your IP packets ever leave the local network. It is unnerving
to find out just how easy (and cheap) it is to reconstruct data from
those blinking lights on your network equipment, or unsanitary
Ethernet frames. Have you ever given thought to how nice it was to
have virtual network auto-configuration on your switches? Well, so do
your foes.
Once your packets touch other nodes all across the Internet, that's
when the real fun begins. If you are already familiar with the OSI
Model and the TCP/IP suite, then your reading will hit a low point for
the next thirty pages or so. However, when you emerge from this sand
trap of common knowledge, most certainly provided to assist uninformed
readers, you are met with quite worthy knowledge detailing the ability
to accurately identify remote parties, who otherwise may wish to
remain anonymous. Your choice of Operating System and Web Browser may
help somewhat, but Zalewski shows how you can still be sniffed out
even across the sea of the Internet.
Zalewski concludes the book with a brief look at the entire Internet
as an aggregate system, and how subtleties of its inner-workings can
be exploited by those who understand them. It never once crossed my
mind to utilize carefully constructed packets for distributed
computing tasks acting as Boolean operations, but one of the final
topics regarding parasitic storage does appear quite attainable.
Zalewski's final chapter in the book leaves us with the lesson that
sometimes all you need to do to discover the minutia, is to open your
eyes.
* p. 127: Figure 9-6, regarding TCP options, is incorrect.
* p. 182/183: '6,4512' should read '64,512'.
* p. 198: 'user-racking' should read 'user-tracking'.
* p. 216: 'www.rogue-severs.com' should likely read 'www.rogue-servers.com'.
* p. 233: 'recover the information he when it bounces back' should
likely read 'recover the information when it bounces back'.
Light Face of the Dark Side July 16, 2007
0 out of 2 found this review helpful
The Global Network is not a battle ground. It is a play ground.
This book although it covers security issues is great insight into the mentality that the security geeks can have. For them the security of platforms and networks are faulted and the hackers task is to disclose that.
|
|
|
Powered by: Dknc, inc. and Amazon.com | | 
For your safety and security, orders are processed through amazon.com
|
|
|
|
