 | | |
| Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks | 
| Author: Michal Zalewski
Publisher: No Starch Press
Category: Book
List Price: $39.95
Buy New: $11.28
You Save: $28.67 (72%)
Buy New/Used from $5.40
Avg. Customer Rating:  (25 reviews)
Sales Rank: 229589
Format: Illustrated
Media: Paperback
Number Of Items: 1
Pages: 312
Shipping Weight (lbs): 1.3
Dimensions (in): 9.2 x 6.9 x 1
ISBN: 1593270461
Dewey Decimal Number: 005.8
UPC: 689145704617
EAN: 9781593270469
ASIN: 1593270461
Publication Date: April 15, 2005
Availability: Usually ships in 1-2 business days
|
| Customer Reviews:
 A Wonderful Treatment of Network Security June 12, 2007
4 out of 4 found this review helpful
At a conference I was at some time ago, a fellow mentioned to me that one person he would probably not want to play poker with is Michal Zalewski. I didn't really get his statement at the time, but after reading this book, I can now wholeheartedly understand his reluctance.
Although only 260 pages long, Michal's book covers an incredibly wide range of topics, pinpointing numerous areas in which incredible amounts of information about you and your computer are available, even though it may not seem that way at first blush. From the keyboard, to the processor, to the operating system, to the network wire, Michal points out the many holes from which this information is leaking from. His writing style gives rise to an entertaining narrative where a high-level picture makes the main concept available to everyone, while at the same time providing citations in the footnotes that let you delve into the details at a later point.
Silence on the Wire impressed me in so many ways that it's difficult to list them all here. Michal's understanding of so many areas in computer security is simply astounding. He covers each topic in just enough detail, not bogging down the reader in lots of technical jargon, but also not doing an inordinate amount of 'hand-waving'. His movement through the various components of the computer and the network is very well done; it ties together in a nice progression that the reader can follow easily.
I enjoyed the a nice selection of papers Michal discusses in which many ingenious attacks were described (timing attacks on RSA, SSH password recovery through timing analysis, TEMPEST, etc.). But one thing that truly stood out in this book is Michal's own contribution, which includes his work with p0f, the analysis of various ISN generators, and his work on identifying various web browsers through timing analysis. I was just amazed at how easily Michal pulled these 'fingerprints' out of seemingly random and/or innocuous data sets.
I had actually read about much of the work that Silence on the Wire covers beforehand, but in spite of that I learned a great deal from this book, and I know that many others can too. If you only read one book on network security, make it this one!
super March 8, 2007
2 out of 2 found this review helpful
Thanks a lot, we are very happy to have this book in our library!
 New look at the (in)security of networked computers January 13, 2007
3 out of 3 found this review helpful
I am a student studying information security and I've read many books lately on the subject. Silence on the Wire is truly a unique book, and a nice change from the conventional reading material. Michal is a known expert in his field, and you can find many of his works and research in a simple search. His book focuses on the basic, yet most overlooked computer and network designs that can be attacked. In Silence on the Wire, Michal takes us on a long, treacherous journey of a packet, from when the data is first entered to its final destination. Along the way, we look at flaws in the design of computers and networks and how they are eventually exploited.
I held off reading this book all summer, after trying to read through the second chapter and finally getting frustrated with it. Chapter two is the book's downfall, as it spends entirely too much time getting to "the point" (as Richard Bejtlich puts it). Michal's explanations here were too confusing and will lose almost any reader. I think the section on the Turing Machine can be skipped over, unless you slow down and take notes and draw yourself diagrams of the information. Only then, will you probably understand what it's getting at. I'm happy to say though, reading the rest of the book was fairly easy; anybody with a background in network computing and security will be able to follow along.
Silence on the Wire is a fascinating read and I definitely recommend it to anybody who is interested or responsible for information security. Michal hopes his book will give you a new perspective on security and explore the relationships and interactions between components. I am glad I got to read this book and hope one day to contribute my own research to the topic.
Something to have in mind November 10, 2006
2 out of 2 found this review helpful
Maybe not all of the possible threats described are real today, but one really get a glimpse into a world where the major objective is to exploit possibilities not intended to be there. People populating this world think differently than the rest of us, and an explanation of how they think is both scary and enlightening. Michal Zalewski walks us through various scenarios in an easy to understand and an often humorous way.
Interesting and detailed August 6, 2006
3 out of 4 found this review helpful
Zalewski offers a nice overview of passive information extraction techniques. Each section covers one approach to the problem of determining something about someone's computer use without being detected. He provides an overview of the technology involved and then talks about how to exploit it.
Sometimes his technology overviews are more suited to a neophyte, other times they correctly cover some arcane aspects of a standard. His writing style is familiar and easy going - no hard to read slogs in this book. Some of his analysis is dated and the techniques may not apply today, but they got me thinking of other things to look into.
I learned a few things from this book. Anytime I can remain entertained while that happens I consider it a win.
|
|
|
Powered by: Dknc, inc. and Amazon.com | | 
For your safety and security, orders are processed through amazon.com
|
|
|
|
