Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Michal Zalewski
No Starch Press, 2005 - 312 pages
average customer review:
based on 24 reviews
highly recommended
Recommended to the attention of technophiles with an interest in computer security
Silence On The Wire: A Field Guide To Passive Reconnaissance And Indirect Attacks by computer security and programming expert Michal Zalewski focuses upon fundamentals of computing so that even non-specialist general readers can understand network design and their own computing activities, becoming able to address computer security issues. Silence On The Wire follows the path of a piece of information from the moment the user's hand touches the computer keyboard to the instant when it is received by a remote party on the other end of the wire. Zalewski notes that security concerns don't simply stem from a set of isolated faults that can be worked around, but represent issues associated with every process and system, and therefore they need to be understood and studied within that broader and more comprehensive context. Informed and informative, thoughtful and thought-provoking, Silence On The Wire should be considered mandatory reading for all security professionals, and is enthusiastically recommended to the attention of technophiles with an interest in computer security for themselves and their associates.
A mix of novel insights backed by standard background details
I received Silence on the Wire (SOTW) almost one year ago. When I first tried reading the book, I couldn't get past Ch 1. In fact, I didn't try reading anything for three months, hoping I could re-engage SOTW. Eventually I put SOTW aside and read other books, only to return to SOTW this week. I'm glad I gave SOTW a second chance. There's plenty to like in this book if you look for the details that interest you.
Don't get me wrong; SOTW is one of the most innovative and original computing books available. You will find it even more interesting if you are not familiar with many of the works the author summarizes or describes. Those of you who have been active for the last 5-10 years will recognize research on poor Initial Sequence Numbers, various timing attacks, remotely counting hosts behind NAT, and so on. In some cases the author added novel insights to this old research, or presented related but obscure new variations. NAT detection via MSS clamping (Ch 11) is one example.
In some cases the author describes really cool techniques based on research I had not encountered. Parasitic storage and getting remote hosts to solve computational problems (Ch 16) are amazing ideas. Kudos to the author for including a bibliography, with references to many interesting papers.
SOTW suffers from one major flaw. SOTW sometimes wastes far too much time getting to "the point." For example, Ch 2 spends 20 pages explaining internal CPU workings and logic gates before finally talking about timing attacks. This bothered me on two fronts. One, many readers do not need a rehash of computing basics. Two, I was less inclined to slog through those 20 pages because I did not know why they were included.
This tendency to spend far too much time on background material appears in other SOTW chapters. Ch 5 spends 15 pages on modems and Ethernet before getting to "the point." (Ch 6 also repeats Ethernet basics.) Ch 9 includes way too many pages describing IP, UDP, TCP, and ICMP headers -- basic data found in any introductory networking book. Ch 14 describes the Web, HTTP, cookies, etc. The truth is that computing newbies are not going to appreciate many deeper insights in SOTW. If one accepts the premise that the audience must be intermediate-advanced to like the book, why waste their time on basic material?
I found only a few minor flaws. First, the author repeatedly starts sentences with "Too,". That should have been edited out. Second, p 80 states that "20 meters" is "just under 100 feet". It's more like 66 feet. On p 194 we read that sending a SYN packet to a closed port elicits a "RST". I see this frequently in networking books, which is frustrating; a SYN to a closed port elicits a RST ACK. (The author uses the correct terminology later in the book, however.) On pp 130-131 the text and a table claim that TCP sequence numbers are "echoed back" in the SYN ACK and ACK segments. This isn't the case, as the numbers are incremented, not echoed. On p 129 the author repeats the claim that Kevin Mitnick used a TCP spoofing attack against Tsutomu Shimomura, although that is most likely not true.
Overall, SOTW is a fascinating book. The intended audience will probably find it most rewarding to skim the text for valuable insights, and skip details on the basics of VLANs, STP, DTP, and the like. On a philosophical level, SOTW's frequent invocation of Turing and other luminaries reminded me that computer science is not the same as computer operations. Universities that churn out computer scientists are producing students not likely able to cope with the reality of intruders exploiting methods outlined in SOTW.
Ages well
This is one of the few information security books that seem to age well: I reread it after over a year, and it still appears to be quite refreshing and up to date. This only goes to show the difference between books written out of genuine passion, and the rest. Big kudos to the author.
The best (most unique, most interesting) security book I've read, period.
I have an extensive library of computer security books, and this is by far the most interesting, most novel, most entertaining computer security book I own. I am actually going through each of the footnotes, reading every paper mentioned in the book. This book is not a textbook for system cracking or defending your system, like O'Reilly's Practical Unix and Internet Security (my second favorite security book). Instead Zalewski has gone somewhere entirely new, showing how your computer leaks information to other parties without 99.999% of the population realizing it. I do network security for a living, am a privacy fanatic, and figured I'd learn a few new things. I was overwhelmed by the amount of new information I learned. Reading this book was a humbling yet exhilarating experience. Some of the sections are written so clearly a lay person could understand them, but other sections assume a great deal of knowledge of computer lore, particularly TCP/IP networking. Buy this book, then run silent, run deep.
Break from the norm
I thought this was an excellent break from the standard fare of titles on hacking. It brought to light the efforts people can take to gain information about your systems. While I'm very skilled in technology, some of the books out there can be quite detailed and boring. Silence did a great job of breaking things down to a clear and readable level, and still presented some very detailed items. Anyone interested in systems security should read this book as a baseline primer if nothing else.