Save Big On Open-Box & Preowned: Buy "Silence on the Wire: A Field Guide to Passive Reco...” from Amazon Warehouse Deals and save 56% off the $39.95 list price. Product is eligible for Amazon's 30-day returns policy and Prime or FREE Shipping. See all Open-Box & Preowned offers from Amazon Warehouse Deals.
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your email address or mobile phone number.
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks Paperback – April 15, 2005
|New from||Used from|
Frequently Bought Together
Customers Who Bought This Item Also Bought
Special Offers and Product Promotions
A very good introduction to the intricacies of certain security problems and a very extensive guide to passive reconnaissance. -- Help Net Security, June 24, 2005
An innovative twist on otherwise boring aspects of network security hours of enjoyable reading for any self-proclaimed security enthusiast. -- TechIMO, June 3, 2005 http://www.techimo.com/articles/i249.html
Do-it-yourself ethos pervades the book... this broad mindset can uncover major security flaws but not where youd think. -- Enterprise Systems, June 22, 2005 http://www.esj.com/Security/article.aspx?EditorialsID=1426
I was hooked... I give this book a 7 out of 10 for an interesting read. -- Edmonton Linux User Group, June 2005
If you are a 'hacker' type in the old sense of the word... you will probably find this book intriguing. -- ;login:, October 2005
Not only thinking outside the box, but twisting the box, shaking it, and finding a way to exploit it. -- WatchGuard Wire, June 13, 2005 http://www.watchguard.com/RSS/showarticle.aspx?pack=RSS.SotW
The discovery of a technical book in this style is cool. -- IEEE Cipher, May 14, 2005 http://www.ieee-security.org/Cipher/BookReviews/2005/zalewski_by_bruen.html
This follows the story of a piece of information from the first key-press to the other end of the wire. -- Book News UK, May 17, 2005 http://www.booknews.co.uk/
What makes it a joy to read are the author's appealing humility, sense of humor and vast knowledge. -- Open.ITWorld.com, June 1, 2005 http://open.itworld.com/5040/nls_unixsilencewire050602/page_1.html
About the Author
Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.
More About the Author
Top Customer Reviews
If you work in information warfare, this should be mandatory reading! If you are responsible for very high value targets like Walmart's dataprocessing, or Intel's or Citibank's it is imperative that you read Zalewski's work page by page.
I don't think the book will work for those new to networking and technical security. It almost could but the book's layout reads more like a thesis, or an IEEE journal paper than a helpful book that teaches and equips. I do this stuff for a living and had to stop several times and say, "OK what is the point".
If this goes to second printing or second edition, I recommend the use of tools such as text boxes and callouts to make the main points easier to follow.
Chapter 9 was the biggest disappointment. The author is truly an expert and could have taught the reader so much more about the interpretation of the header fields.
However, those are nits, no book can be perfect. The book is well worth the money for the right reader! I am glad I got to read it and will recommend it for the SANS conference book store!
Don't get me wrong; SOTW is one of the most innovative and original computing books available. You will find it even more interesting if you are not familiar with many of the works the author summarizes or describes. Those of you who have been active for the last 5-10 years will recognize research on poor Initial Sequence Numbers, various timing attacks, remotely counting hosts behind NAT, and so on. In some cases the author added novel insights to this old research, or presented related but obscure new variations. NAT detection via MSS clamping (Ch 11) is one example.
In some cases the author describes really cool techniques based on research I had not encountered. Parasitic storage and getting remote hosts to solve computational problems (Ch 16) are amazing ideas. Kudos to the author for including a bibliography, with references to many interesting papers.
SOTW suffers from one major flaw. SOTW sometimes wastes far too much time getting to "the point." For example, Ch 2 spends 20 pages explaining internal CPU workings and logic gates before finally talking about timing attacks. This bothered me on two fronts. One, many readers do not need a rehash of computing basics. Two, I was less inclined to slog through those 20 pages because I did not know why they were included.Read more ›
The fact that everything is breakable from an information security perspective is good news to Luddites and bad news for the paranoid. Hopefully, most people fall between those two opposites and with that, Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks is an fascinating book on knowing when to be suspicious and when to be complacent.
The premise of the book is that there are countless ways that a potential attacker can intercept information and sniff data. The title points out that these silent stealth-like attacks are often difficult to detect, and all the more so to defend against. The better you understand the threats, the better you can monitor and defend against them.
The author writes about his work with data reconnaissance and details how computers and networks operate, with a special emphasis on how they process and transmit data. With such transmissions, there are significant security threats; which is what this book details.
Make note that this is not a For Dummies type of book. It is written for security engineers and experienced system administrators that have a heavy background in networking and security. Electronic engineers will feel very much at home with the many schematics and encodings in the code. The book is written for those that are very comfortable with programming and complex networks.Read more ›
Most Recent Customer Reviews
Great book for a technical intro to computer security. It covers a broad set of topics and gets to key fundamentals that help the reader start to think about the key things that... Read morePublished 12 months ago by Thomas M. Kroeger
The author has made considerable effort to explain his points quite eloquently and in great detail, though a technical book there is quite some artistry about how its written.Published on February 7, 2014 by Keith Makan
Zalewski "teaches you to fish" so that you walk away with an understanding of how to think about information security. Read morePublished on September 13, 2013 by Blaise Pabon
This is a legacy... but wonderful book. There is nothing more that needs to be said, buy it.. end of story.Published on August 16, 2013 by Tim
This book was an eye-opener into a world of sophisticated attacks and reconnaissance that seem like they belong more to an over-the-top Hollywood plot than real life. Read morePublished on February 11, 2012 by Jordan Grotepas
Before I bought this book I had seen some of Zalewski's work: his museum of broken packets and his famous Mozilla Firefox vulnerability reports. Read morePublished on April 6, 2009 by L. Garcia
Never trust a person that writes about things that he or she does not understand.
The citation below contains several very serious errors. Read more
A must for any IT security/networking engineer. Great read, great price, informative yet entertaining.Published on July 23, 2008 by Angeli's Mom
Zalewski brought up a number of interesting and very innovative security situations and possibilities. Read morePublished on February 6, 2008 by Charles G. Heaton