Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
There are many ways that a potential attacker can intercept information, or learnmore about the sender, as the information travels over a network. Silence on the Wireuncovers these silent attacks so that system administrators can defend against them,as well as better understand and monitor their systems.
Silence on the Wire dissects several unique and fascinating security
An InfoSec book with truly new perspectives, let alone detailed technique, is one of the world's great rarities -- we Defenders of the True Faith, protecting the Internet and her citizens, normally must scour the academic literature, hunt down the deep Webs running on zombied machines for the lancing, draining, and strip-mining of information on Romanian, Russian, and Chinese efforts, and perform our own small researches and inquisitions under nigh ...more
I was looking forward to reading a book that illustrates some of these attack vectors and maybe some feasible usage and defence scenarios.
In reality though, this book is about 80% basic computer science and 20% computer security. The strange things is that most of the basic computer science is pretty irrelevant to the actual attacks which are described at a high ...more
Author Michal Zalewski is respected in the hacking and security communities for his\n intelligence, curiosity and creativity, and this book is truly unlike anything else.\n Silence on the Wire is no humdrum white paper or how-to manual for protecting\n one's network. Rather, this narrative explores a variety of unique, uncommon and\n often elegant security challenges that defy classification and eschew the traditional\n attacker-victim model.
There are many ways that a potential attacker can inte...more
Dokumentiert das kreative Ausnutzen unbeabsichtigter Nebeneffekte in informationstechnischen Produkten; viele (konkrete) Anwendungsbeispiele waren zuletzt zwischen 1997-2004 relevant, manche sind es noch. Die Ansätze, um von einem Gegner unbeabsichtigte Auskünfte über ein Zielobjekt zu gewinnen, sind zumindest prinzipiell übertragbar: Unaufmerksame Entwickler, unvollständige Spezifikationen, kryptoanalytische Naivität und logische Fortgänge bestimm ...more
There are plenty explanations for stuff, but mostly is dumbed down to the point it doesn't even make sense. Besides that, you have explanations for attacks that sounds really scary/cool (depending on your point of view) but after you think a bit about it, it is really hard to execute and, with the necess ...more
In "Silence on the Wire", Zalewksi discusses security vulnerabilities and methods of attack that are simply mind-boggling. Although I've been in InfoSec for quite some time and there are areas of repetition for me, much of the book was fascinating and thought-provoking, from both a defender and attacker mindset.
The one downside is that the b ...more
I bought this book for myself at HOPE 2006, but it was so good I gave it t ...more
Goodreads is hiring!
Learn more »