The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site
Add your own book

Book details of 'Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks'

Cover of Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
TitleSilence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Author(s)Michal Zalewski
PublishedApril 2005
PublisherNo Starch Press
Web links for this book
Search at
Wikipedia booksources
Shop for this book

Back to shelf Computer security info for Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks


Vote for this book

The Virtual Bookcase Reviews of 'Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks':

Reviewer Rob Slade wrote:
I don't know why, exactly, the phrase "self-taught information security researcher" (in "About the Author") should give me such a sense of foreboding. (The phrase could apply to me, and to many colleagues, although we tend not to use it.) And even before I read it, a number of people had warned me I wouldn't like it. Well, I did like it, once I figured out what it was. I think a lot of people don't understand it. It is not a security text, by any means, but rather a series of explorations that take our "professional paranoid" mentality and examine some issues we seldom consider. The subtitle states that the book is about passive and "indirect" attacks. Although passive attacks are well defined, indirect does not have a formal distinction, and the introduction does not help in explaining what the author intends. Part one covers activities that occur at the origin of data and processing. Chapter one is titularly about typing, but spends a lot of time dealing with the problems of pseudo-random number generation, and seed data acquisition, and finally outlines an unlikely and very complex attack, heavily dependent upon specific functions and data availability, and seemingly directed at finding out if someone is typing at the computer. (The attack is also active, not passive.) A discussion of digital electronics, boolean algebra, and processor architecture, in chapter two, eventually leads to a brief discussion of the timing and power attacks that are well known in cryptology circles. (There are also odd and careless errors: readers are asked to contrast figure 2-4 with figure 2-4. There is a difference, it just isn't explained.) Chapter three reviews a few random and unrelated vulnerabilities. It is very difficult to determine what the point of chapter four might be, but it seems to be a screed against the use of Web crawling bots. Part two appears to address local communications links. Chapter five provides a brief review of data communications 101, and then notes the "flickering modem LED" vulnerability. The ethernet frame padding problem is described in chapter six, while chapter seven lists some other networking difficulties, and eight briefly mentions miscellaneous topics such as identification by keystroke analysis and war driving. (It should be noted that chapter length varies widely: chapters one, two, and five average twenty-five pages each, while the rest are closer to five.) Part three moves out to the Internet. Chapter nine reviews most of the TCP/IP protocol, and then discusses how the ways that different systems populate fields of the IP header can be used to identify operating systems without a direct connection. The discussion in chapter ten starts with passive mapping of an inaccessible network, but the attack described seems to be intended for sequence number guessing (and session hijacking). Chapter eleven addresses weaknesses in various types of firewalls. Dissection of an odd packet is in chapter twelve, a method of third party scanning in thirteen, some possible metrics for identifying software in fourteen, and some ways of recognizing attacker machines in chapter fifteen. Part four supposedly attempts to relate these disparate elements, apparently without much success. Chapter sixteen describes a storage method using packets bouncing around the net, seventeen looks at different methods of mapping the net and some possible uses, and eighteen considers the discovery of worms and other malware via the capturing of unusual packets. The material in the book is fascinating in places. However, the work is not structured in a way that makes the security implications obvious (the writing is not very direct, and the narrative or topical thread tends to wind around subjects), and, in fact, the security implications aren't very powerful at all. Yes, in the end, the author has written mostly about passive and indirect attacks, but the methods covered are unusual, and probably not very useful. Most of the material concentrates on rather weak covert channels. In this regard it can have some uses in a minor way: covert channel examples are not abundant in the general security literature. The attacks suggested are interesting thought experiments, but have limited uses either in attack or defence. As "Trivial Pursuit" (meaning the game of oddball facts) for the tech crowd it's great, but the author never intended the text to be a vulnerability warning. copyright Robert M. Slade, 2005

Add my review for Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks

Book description:

There are many ways that a potential attacker can intercept information, or learn more about the sender, as the information travels over a network. Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems. Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an indepth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The sys admin can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics. About the AuthorMichal Zalewski is a security researcher who has worked on topics ranging from hardware and OS design principles to networking. He has published research on many security topics and has worked for the past eight years in the InfoSec field for a number of reputable companies, including two major telecommunications firms.

Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (113)
Computer networks (382)
Computer programming (215)
Computer security (272)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (71)
History (138)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (85)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (56)
Technology (14)
Travel guides (308)
War and weapons (29)
World Wide Web (213)
Zen (5)
Other books (89)

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail
Site credits
Copyright © 2000-2018 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement