Silence on the Wire A Field Guide to Passive Reconnaissance and Indirect Attacks

ISBN-10: 1593270461

ISBN-13: 9781593270469

Edition: 2004

Authors: Michal Zalewski

List price: $39.95 Buy it from $4.29
30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy


There are many ways that a potential attacker can intercept information, or learn more about the sender, as the information travels over a network. Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems. "Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an indepth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The sys admin can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics.
Used Starting from $4.29
New Starting from $30.02
what's this?
Rush Rewards U
Members Receive:
You have reached 400 XP and carrot coins. That is the daily max!
Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Medical Terminology Online content $4.95 $1.99
Add to cart
Study Briefs
SQL Online content $4.95 $1.99
Add to cart
Study Briefs
MS Excel® 2010 Online content $4.95 $1.99
Customers also bought

Book details

List price: $39.95
Copyright year: 2004
Publisher: No Starch Press, Incorporated
Publication date: 4/25/2005
Binding: Paperback
Pages: 312
Size: 7.00" wide x 9.00" long x 1.00" tall
Weight: 1.430
Language: English

A Few Words about Me
About This Book
The Source
I can Hear You Typing
The Need for Randomness
Automated Random Number Generation
The Security of Random Number Generators
I/O Entropy: This Is Your Mouse Speaking
Delivering Interrupts: A Practical Example
One-Way Shortcut Functions
The Importance of Being Pedantic
Entropy Is a Terrible Thing to Waste
Attack: The Implications of a Sudden Paradigm Shift
A Closer Look at Input Timing Patterns
Immediate Defense Tactics
Hardware RNG: A Better Solution?
Food for Thought
Remote Timing Attacks
Exploiting System Diagnostics
Reproducible Unpredictability
Extra Efforts Never Go Unnoticed
Boole's Heritage
Toward the Universal Operator
DeMorgan at Work
Convenience Is a Necessity
Embracing the Complexity
Toward the Material World
A Nonelectric Computer
A Marginally More Popular Computer Design
Logic Gates
From Logic Operators to Calculations
From Electronic Egg Timer to Computer
Turing and Instruction Set Complexity
Functionality, at Last
Holy Grail: The Programmable Computer
Advancement through Simplicity
Split the Task
Execution Stages
The Lesser Memory
Do More at Once: Pipelining
The Big Problem with Pipelines
Implications: Subtle Differences
Using Timing Patterns to Reconstruct Data
Bit by Bit
In Practice
Early-Out Optimization
Working Code-Do It Yourself
Food for Thought
Ten Heads of the Hydra
Revealing Emissions: TEMPEST in the TV
Privacy, Limited
Tracking the Source: "He Did It!"
"Oops" Exposure: *_[tilde]lq'@@...and the Password Is
Working for the Common Good
Safe Harbor
The Art of Transmitting Data
From Your Email to Loud Noises ... Back and Forth
The Day Today
Sometimes, a Modem Is Just a Modem
Collisions Under Control
Behind the Scenes: Wiring Soup and How We Dealt with It
Blinkenlights in Communications
The Implications of Aesthetics
Building Your Own Spy Gear
... And Using It with a Computer
Preventing Blinkenlights Data Disclosure-and Why It Will Fail
Food for Thought
Echoes of the Past
Building the Tower of Babel
The OSI Model
The Missing Sentence
Food for Thought
Secure in Switched Networks
Some Theory
Address Resolution and Switching
Virtual Networks and Traffic Management
Attacking the Architecture
CAM and Traffic Interception
Other Attack Scenarios: DTP, STP, Trunks
Prevention of Attacks
Food for Thought
Us Versus Them
Logical Blinkenlights and Their Unusual Application
Show Me Your Typing, and I Will Tell You Who You Are
The Unexpected Bits: Personal Data All Around
Wi-Fi Vulnerabilities
Out in the Wild
Foreign Accent
The Language of the Internet
Naive Routing
Routing in the Real World
The Address Space
Fingerprints on the Envelope
Internet Protocol
Protocol Version
The Header Length Field
The Type of Service Field (Eight Bits)
The Total Packet Length (16 Bits)
The Source Address
The Destination Address
The Fourth Layer Protocol Identifier
Time to Live (TTL)
Flags and Offset Parameters
Identification Number
Beyond Internet Protocol
User Datagram Protocol
Introduction to Port Addressing
UDP Header Summary
Transmission Control Protocol Packets
Control Flags: The TCP Handshake
Other TCP Header Parameters
TCP Options
Internet Control Message Protocol Packets
Enter Passive Fingerprinting
Examining IP Packets: The Early Days
Initial Time to Live (IP Layer)
The Don't Fragment Flag (IP Layer)
The IP ID Number (IP Layer)
Type of Service (IP Layer)
Nonzero Unused and Must Be Zero Fields (IP and TCP Layers)
Source Port (TCP Layer)
Window Size (TCP Layer)
Urgent Pointer and Acknowledgment Number Values (TCP Layer)
Options Order and Settings (TCP Layer)
Window Scale (TCP Layer, Option)
Maximum Segment Size (TCP Layer, Option)
Time-Stamp Data (TCP Layer, Option)
Other Passive Fingerprinting Venues
Passive Fingerprinting in Practice
Exploring Passive-Fingerprinting Applications
Collecting Statistical Data and Incident Logging
Content Optimization
Policy Enforcement
Poor Man's Security
Security Testing and Preattack Assessment
Customer Profiling and Privacy Invasion
Espionage and Covert Reconnaissance
Prevention of Fingerprinting
Food for Thought: The Fatal Flaw of IP Fragmentation
Breaking TCP into Fragments
Advanced Sheep-Counting Strategies
Benefits and Liabilities of Traditional Passive Fingerprinting
A Brief History of Sequence Numbers
Getting More Out of Sequence Numbers
Delayed Coordinates: Taking Pictures of Time Sequences
Pretty Pictures: TCP/IP Stack Gallery
Attacking with Attractors
Back to System Fingerprinting
ISNProber-Theory in Action
Preventing Passive Analysis
Food for Thought
In Recognition of Anomalies
Packet Firewall Basics
Stateless Filtering and Fragmentation
Stateless Filtering and Out-of-Sync Traffic
Stateful Packet Filters
Packet Rewriting and NAT
Lost in Translation
The Consequences of Masquerading
Segment Size Roulette
Stateful Tracking and Unexpected Responses
Reliability or Performance: The DF Bit Controversy
Path MTU Discovery Failure Scenarios
The Fight against PMTUD, and Its Fallout
Food for Thought
Stack Data Leaks
Kristjan's Server
Surprising Findings
Revelation: Phenomenon Reproduced
Food for Thought
Smoke and Mirrors
Abusing IP: Advanced Port Scanning
Tree in the Forest: Hiding Yourself
Idle Scanning
Defense against Idle Scanning
Food for Thought
Client Identification: Papers, Please!
Approaching the Problem
Towards a Solution
A (Very) Brief History of the Web
A HyperText Transfer Protocol Primer
Making HTTP Better
Latency Reduction: A Nasty Kludge
Content Caching
Managing Sessions: Cookies
When Cookies and Caches Mix
Preventing the Cache Cookie Attack
Uncovering Treasons
A Trivial Case of Behavioral Analysis
Giving Pretty Pictures Meaning
Beyond the Engine ...
... And Beyond Identification
Food for Thought
The Benefits of Being a Victim
Defining Attacker Metrics
Protecting Yourself: Observing Observations
Food for Thought
The Big Picture
Parasitic Computing, or How Pennies Add Up
Nibbling at the CPU
Practical Considerations
Parasitic Storage: The Early Days
Making Parasitic Storage Feasible
Applications, Social Considerations, and Defense
Food for Thought
Topology of the Network
Capturing the Moment
Using Topology Data for Origin Identification
Network Triangulation with Mesh-Type Topology Data
Network Stress Analysis
Food for Thought
Watching the Void
Direct Observation Tactics
Attack Fallout Traffic Analysis
Detecting Malformed or Misdirected Data
Food for Thought
Closing Words
Bibliographic Notes
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.