Michal Zalewski - Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Here you can read online Michal Zalewski - Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2005, publisher: No Starch Press, genre: Home and family. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
- Author:
- Publisher:No Starch Press
- Genre:
- Year:2005
- Rating:3 / 5
- Favourites:Add to favourites
- Your mark:
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
There are many ways that a potential attacker can intercept information, or learnmore about the sender, as the information travels over a network. Silence on the Wireuncovers these silent attacks so that system administrators can defend against them,as well as better understand and monitor their systems.
Silence on the Wire dissects several unique and fascinating security andprivacy problems associated with the technologies and protocols used in everydaycomputing, and shows how to use this knowledge to learn more about others or tobetter defend systems. By taking an indepth look at modern computing, from hardwareon up, the book helps the system administrator to better understand security issues,and to approach networking from a new, more creative perspective. The sys admin canapply this knowledge to network monitoring, policy enforcement, evidence analysis,IDS, honeypots, firewalls, and forensics.
Michal Zalewski: author's other books
Who wrote Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks? Find out the surname, the name of the author of the book and a list of all author's works by series.
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Copyright 2005
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.
No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.
The information in this book is distributed on an As Is basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.
No Starch PressFor Maja
What does it take to write a novel book on computer security? Or rather, what does it take to write a novel on modern computing?
A young yet highly experienced author with talents in many areas including many aspects of computing, mathematics, and electronics (and perhaps a hobby in robotics), as well as other seemingly unrelated interests (including, lets say, fatalistic erotic photography), and indeed with a talent and desire to write.
Once upon a time in a dark and largely unexplored forest, the magic chemistry of (brain cell) trees gave birth to a bit of information, only to let him sail his way down a quick river, into the vast sea (of the Internet), and ultimately find his new home, grave, or maybe a place in a museum .
And so the tale begins. Whether our little bit is good or evil, at a young age he will reach the stream flowing into a shiny castle made out of white-colored foil (yet regarded by many as a black box). He will pass through the entrance and approach the counter to check in. If he werent so naive and short-sighted, he could notice a group of evil-looking bits staring at the counter from a distance, taking note of the time bits check in and out; he would have no choice but to proceed to sign in, though .
Once rested, our hero might be asked to team up with his siblings or to join a group of other bits and bitesses, and together they would pack their bodies tightly onto a used inflatable boat. A careful bit could notice bits of garbage (or is that garbage?) in the boat, presumably left by a previous group .
Observing the traffic lights and squeezing through traffic jams, our bits enter a safe harbor and sail to the wharf. Will they be seen from nearby castles and lighthouses? Will someone track the traffic light switches to determine just when our group sailed? Will someone turn on lights at the wharf and take pictures? Will those other evil bits assume the identity of ours and sail away to the sea first? Our bits wouldnt know .
And so they change boats at the wharf and sail to the sea... The journey of our pet bits proceeds, with many dangers yet to come .
No, Michals book does not hide technical detail behind a fairy tale as I have above. Rather, while a very entertaining read, it gets all the facts straight and promptly gives answers to most challenges introduced at the beginning of each chapter.
Silence on the Wire is unique in many aspects, but two stand out: First, it provides in-depth coverage of almost all essential stages of data processing that enable todays internetworkingfrom a keypress to the intended end result of that keypress. Second, it outlines the largely overlooked, under-researched, and inherent security issues associated with each stage of networking and with the process as a whole. The security issues covered serve well to demonstrate the art of vulnerability research from both the attackers and the defenders perspective, and will encourage further research on the part of the reader.
Clearly, a computer security book cant be comprehensive. In SotW , Michal has provocatively chosen to leave out all the well known yet highly dangerous and widespread vulnerabilities and attacks being discussed and worked on today by most in the information security community. He will teach you about subtle keystroke timing attacks, but you will not be reminded that trojan horse software with key logging capabilities is currently both more common and easier to use than any of such attacks could ever be.
Why mention keystroke timings while leaving the trojans out? Because timing attacks are largely underappreciated and misunderstood even by information security professionals, whereas trojans are a widely known and obvious threat. Vulnerability to timing attacks is a property of the design of many components involved, whereas to implant a trojan requires either a software bug or an end-user error.
Similarly, and with few exceptions, you wont find the slightest mention in SotW of the widely exploited software bugsor even generic software bug classes such as buffer overflows. If you are not already familiar with the common computer security threats and would like to gain that knowledge, you will need to accompany yourself on your journey through this book with the perusal of less exciting material available on the Internet and in other books, and in particular with material pertaining to the specific operating systems that you use.
Why study silence, you may wonderisnt that a nothing? Yes, in a sense. A zero is a nothing in that sense, too. But it is also a number, a concept we cannot really understand the world without.
Enjoy the silencethe best you can.
Alexander Peslyak
Founder and CTO
Openwall, Inc.
better known as
Solar Designer
Openwall Project leader
January 2005
I seem to have been born a computer geek, but my adventure with network security began only by accident. I have always loved to experiment, explore new ideas, and solve seemingly well defined but still elusive challenges that require innovative and creative approacheseven if just to fail at solving them. When I was young, I spent most of my time pursuing sometimes risky and often silly attempts to explore the world of chemistry, mathematics, electronics, and finally computing rather than ride my bike around the block all day long. (I probably exaggerate a bit, but my mother always seemed to be worried.)
Shortly after my first encounter with the Internet (in the mid 90s, perhaps eight years after I coded my first Hello world program on a beloved 8-bit machine), I received an unusual request: a spam letter that, hard to believe, asked me (and a couple thousand other folks) to join an underground team of presumably malicious, black hat hackers. This did not drive me underground (perhaps due to my strong instinct for self-preservation, known in certain circles as cowardice) but somehow provided a good motivation to explore the field of computer security in more detail. Having done plenty of amateur programming, I found it captivating to look at code from a different perspective and to try to find a way for an algorithm to do something more than it was supposed to do. The Internet seemed a great resource for the challenges I craveda big and complex system with only one guiding principle: You cannot really trust anyone. And so it all began.
Font size:
Interval:
Bookmark:
Similar books «Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks»
Look at similar books to Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.