




Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Michal Zalewski

No Starch Press, 2005 - 312 pages

average customer review: based on 25 reviews
highly recommended






And You Think You Have it Under Control

My first approach to computer network/server security was "Why would anyone bother with a little site like mine?" I found out when all of a sudden someone was using it as an open relay to send out spam. I fixed that one.

Later I found that my web server was using an awful lot of bandwidth; it was being used as a re-transmitter of first-run movies. Then somehow one of the systems got infected with CoolWebSearch -- it was of course a new version, so none of the erasing tools worked and I had to go back to an earlier state of the machine. Now somehow a popup thing is running on one of the machines that none of the anti-spyware, anti-popup software can catch. (I changed to the Firefox browser on that machine and the popups stopped, so at least I know it's an IE problem.)

So now my machines are sitting behind a hardware firewall, running all kinds of anti software, and I feel pretty good. Well I felt pretty good until ...

Here comes this book from No Starch Press. (I find their books to be universally excellent.) It talks about a level of penetration about which I had only heard vague rumors. This book is a narrative of the web, of computer architecture, of the way protocols like TCP/IP work. It isn't so much a cookbook of how to install this piece of software to solve your problem so much as the background information on what you're dealing with. Not for beginners, this is a thoughtful, clever analysis of how things work.

If you're a security type, you don't want to miss this one.




Heavy Geekdom and yet..

First: this is ultra-heavy geek territory, but it's not necessarily computer geeks only. What I mean is that although this is all computer and networking related, any general engineering geek-type will probably enjoy it.

What I particularly liked is the author's attention to detail. I'd start reading a chapter and think "Yeah, I know this", but then realize that he was just leading me through the basics because he had something important and interesting to say that I probably did NOT know... and that was usually true.

And although there is a lot of ink devoted to explaining the background of things you may already know, I didn't mind it because the author has style and wit and presents things with a slant that makes it fun to read even when I already knew everything.

Before I was done with this, I cornered my geek son-in-law and had him read one chapter. He's very busy right now, and hasn't had time to read two other books I gave him last month. He read the chapter and I said "You want this when I'm done, right?". He said "Oh, yeah. Definitely".













Just when you thought it was safe to go back in the water...

Just when you thought you had a decent handle on how to protect yourself on-line, out comes a book that exposes a whole new series of exploits you probably haven't thought about... Silence on the Wire by Michal Zalewski.

Chapter List: I Can Hear You Typing; Extra Efforts Never Go Unnoticed; Ten Heads Of The Hydra; Working For The Common Good; Blinkenlights; Echoes Of The Past; Secure In Switched Networks; Us Versus Them; Foreign Accent; Advanced Sheep-Counting Strategies; In Recognition Of Anomalies; Stack Data Leaks; Smoke And Mirrors; Client Identification: Papers, Please!; The Benefits Of Being A Victim; Parasitic Computing, Or How Pennies Add Up; Topology Of The Network; Watching The Void; Closing Words; Bibliographic Notes; Index

The subtitle of this book is "a field guide to passive reconnaissance and indirect attacks", and that gives you a pretty good idea as to the direction that Zalewski is going with his information. While most security books deal with active attacks designed to either take over your system or crash it, Silence is more concerned with how you may be inadvertently giving up more information than you think. This may happen based on detailed analysis of the timing patterns on data sent over the network. By careful analysis, it's possible to deduce a significant percentage of the data, leaving the rest of the data vulnerable to statistical analysis and attack. Visual representation of IP sequence numbers can also give strong indications as to what type of system may be sending the packets. It could even be something as "innocent" as hi-tech monitoring of the blinking lights on the front of your modem. These types of attacks are not "script-kiddy" exploits, in that there is a lot of theory and analysis involved in interpreting the results. But the fact remains that someone you can't see may be getting more information about you than you think.

Zalewski goes into a lot of detail about the architectural underpinnings of a system in order to set the stage for the type of monitoring that can happen. If you're just looking for "how do I do a timing attack?", you'll probably go away very frustrated. But if you're the type of reader who asks "how does the design of a system facilitate that type of information leakage?", you'll definitely treasure this volume. The type of information that Zalewski covers here isn't readily available in any other single volume. Therefore, it fills a gap in the security library that most people don't even realize exists.

A good read that will open your eyes to problems you weren't even aware of...








An enlightening read

This book fills an important gap in almost every security administrator's bookshelf. It talks about privacy problems you should be most certainly aware of if you work for a company that deals with sensitive data (or if you just want to learn something new).

It is a captivating and well paced read. I strongly recommend getting it if you are past your "security 101" training.


Very helpful for senior technical security workers

If you have been a senior technical analyst in an infosec shop for several years, you have seen most of this before; in fact, some of it has been published before. However, I have never seen so much information in one place on the subject of passive reconnaissance. Who needs horror movies? Read this book and follow it up with Black Ice by Verton and you probably will not sleep for a week!

If you work in information warfare, this should be mandatory reading! If you are responsible for very high value targets like Walmart's data processing, or Intel's or Citibank's, it is imperative that you read Zalewski's work page by page.

I don't think the book will work for those new to networking and technical security. It almost could, but the book's layout reads more like a thesis or an IEEE journal paper than a helpful book that teaches and equips. I do this stuff for a living and had to stop several times and say, "OK, what is the point?"

If this goes to second printing or second edition, I recommend the use of tools such as text boxes and callouts to make the main points easier to follow.

Chapter 9 was the biggest disappointment. The author is truly an expert and could have taught the reader so much more about the interpretation of the header fields.

However, those are nits; no book can be perfect. The book is well worth the money for the right reader! I am glad I got to read it and will recommend it for the SANS conference book store!



