Silence on the Wire and over one million other books are available for Amazon Kindle. Learn more
Qty:1
  • List Price: $39.95
  • Save: $14.29 (36%)
FREE Shipping on orders over $35.
Only 5 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Add to Cart
Want it Monday, April 28? Order within and choose One-Day Shipping at checkout. Details
FREE Shipping on orders over $35.
Used: Like New | Details
Condition: Used: Like New
Comment: IMMEDIATE FREE Shipment from Amazon, gift wrapping and messages available....Beautiful Book, looks new. Text & cover completely pristine. FREE DELIVERY & CONFIRMATION TRACKING. Your satisfaction guaranteed. Please ask us any questions. Thanks.
Add to Cart
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks Paperback


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from Collectible from
Kindle
"Please retry"
Paperback
"Please retry"
$25.66
$7.44 $4.45

Frequently Bought Together

Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks + The Tangled Web: A Guide to Securing Modern Web Applications + Hacking: The Art of Exploitation, 2nd Edition
Price for all three: $87.48

Buy the selected items together

NO_CONTENT_IN_FEATURE

Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Paperback: 312 pages
  • Publisher: No Starch Press; 1 edition (April 15, 2005)
  • Language: English
  • ISBN-10: 1593270461
  • ISBN-13: 978-1593270469
  • Product Dimensions: 9.2 x 7.1 x 0.8 inches
  • Shipping Weight: 1.2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (30 customer reviews)
  • Amazon Best Sellers Rank: #591,148 in Books (See Top 100 in Books)

Editorial Reviews

Review

A series of explorations that take our ‘professional paranoid’ mentality and examine some issues we seldom consider. -- Internet Review Project, July 2005

A very good introduction to the intricacies of certain security problems and a very extensive guide to passive reconnaissance. -- Help Net Security, June 24, 2005

An innovative twist on otherwise boring aspects of network security… hours of enjoyable reading for any self-proclaimed security enthusiast. -- TechIMO, June 3, 2005 http://www.techimo.com/articles/i249.html

Do-it-yourself ethos pervades the book... this broad mindset can uncover major security flaws — but not where you’d think. -- Enterprise Systems, June 22, 2005 http://www.esj.com/Security/article.aspx?EditorialsID=1426

I was hooked... I give this book a 7 out of 10 for an interesting read. -- Edmonton Linux User Group, June 2005

If you are a 'hacker' type in the old sense of the word... you will probably find this book intriguing. -- ;login:, October 2005

Not only thinking outside the box, but twisting the box, shaking it, and finding a way to exploit it. -- WatchGuard Wire, June 13, 2005 http://www.watchguard.com/RSS/showarticle.aspx?pack=RSS.SotW

The discovery of a technical book in this style is cool. -- IEEE Cipher, May 14, 2005 http://www.ieee-security.org/Cipher/BookReviews/2005/zalewski_by_bruen.html

This follows the story of a piece of information from the first key-press to the other end of the wire. -- Book News UK, May 17, 2005 http://www.booknews.co.uk/

What makes it a joy to read are the author's appealing humility, sense of humor and vast knowledge. -- Open.ITWorld.com, June 1, 2005 http://open.itworld.com/5040/nls_unixsilencewire050602/page_1.html

About the Author

Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.


More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

4.5 out of 5 stars
5 star
20
4 star
7
3 star
2
2 star
0
1 star
1
See all 30 customer reviews
After reading the book, some may view it as an exercise in theoretical problems that bare little resemblance to the real world.
Ben Rothke
Too, the author has a quirky personality that seeps into the book, allowing him to turn a technical subject into an enjoyable and quite easy to understand read.
Jordan Grotepas
Silence on the Wire is a fascinating read and I definitely recommend it to anybody who is interested or responsible for information security.
Marcin Wielgoszewski

Most Helpful Customer Reviews

63 of 68 people found the following review helpful By Stephen Northcutt on April 24, 2005
Format: Paperback
If you have been a senior technical analyst in an infosec shop for several year, you have seen most of this before, in fact some of it has been published before. However, I have never seen so much information in one place on the subject of passive reconnaissance. Who needs horror movies? Read this book and follow it up with Black Ice by Verton and you probably will not sleep for a week!

If you work in information warfare, this should be mandatory reading! If you are responsible for very high value targets like Walmart's dataprocessing, or Intel's or Citibank's it is imperative that you read Zalewski's work page by page.

I don't think the book will work for those new to networking and technical security. It almost could but the book's layout reads more like a thesis, or an IEEE journal paper than a helpful book that teaches and equips. I do this stuff for a living and had to stop several times and say, "OK what is the point".

If this goes to second printing or second edition, I recommend the use of tools such as text boxes and callouts to make the main points easier to follow.

Chapter 9 was the biggest disappointment. The author is truly an expert and could have taught the reader so much more about the interpretation of the header fields.

However, those are nits, no book can be perfect. The book is well worth the money for the right reader! I am glad I got to read it and will recommend it for the SANS conference book store!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
32 of 34 people found the following review helpful By Richard Bejtlich on March 19, 2006
Format: Paperback
I received Silence on the Wire (SOTW) almost one year ago. When I first tried reading the book, I couldn't get past Ch 1. In fact, I didn't try reading anything for three months, hoping I could re-engage SOTW. Eventually I put SOTW aside and read other books, only to return to SOTW this week. I'm glad I gave SOTW a second chance. There's plenty to like in this book if you look for the details that interest you.

Don't get me wrong; SOTW is one of the most innovative and original computing books available. You will find it even more interesting if you are not familiar with many of the works the author summarizes or describes. Those of you who have been active for the last 5-10 years will recognize research on poor Initial Sequence Numbers, various timing attacks, remotely counting hosts behind NAT, and so on. In some cases the author added novel insights to this old research, or presented related but obscure new variations. NAT detection via MSS clamping (Ch 11) is one example.

In some cases the author describes really cool techniques based on research I had not encountered. Parasitic storage and getting remote hosts to solve computational problems (Ch 16) are amazing ideas. Kudos to the author for including a bibliography, with references to many interesting papers.

SOTW suffers from one major flaw. SOTW sometimes wastes far too much time getting to "the point." For example, Ch 2 spends 20 pages explaining internal CPU workings and logic gates before finally talking about timing attacks. This bothered me on two fronts. One, many readers do not need a rehash of computing basics. Two, I was less inclined to slog through those 20 pages because I did not know why they were included.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
34 of 39 people found the following review helpful By Ben Rothke on July 19, 2005
Format: Paperback
Irrespective of the myriad proclamations of systems or products being hackerproof, bulletproof and the like; given enough time and money, everything is breakable. Security purists may argue that one-time pads are provably and perfectly secure. While that is correct in the pristine halls of academic cryptography, the real world is littered with many one-time pads of dubious security.

The fact that everything is breakable from an information security perspective is good news to Luddites and bad news for the paranoid. Hopefully, most people fall between those two opposites and with that, Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks is an fascinating book on knowing when to be suspicious and when to be complacent.

The premise of the book is that there are countless ways that a potential attacker can intercept information and sniff data. The title points out that these silent stealth-like attacks are often difficult to detect, and all the more so to defend against. The better you understand the threats, the better you can monitor and defend against them.

The author writes about his work with data reconnaissance and details how computers and networks operate, with a special emphasis on how they process and transmit data. With such transmissions, there are significant security threats; which is what this book details.

Make note that this is not a For Dummies type of book. It is written for security engineers and experienced system administrators that have a heavy background in networking and security. Electronic engineers will feel very much at home with the many schematics and encodings in the code. The book is written for those that are very comfortable with programming and complex networks.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
16 of 17 people found the following review helpful By Solinym on September 30, 2005
Format: Paperback Verified Purchase
I have an extensive library of computer security books, and this is by far the most interesting, most novel, most entertaining computer security book I own. I am actually going through each of the footnotes, reading every paper mentioned in the book. This books is not a textbook for system cracking or defending your system, like O'Reilly's Practical Unix and Internet Security (my second favorite security book). Instead Zalewski has gone somewhere entirely new, showing how your computer leaks information to other parties without 99.999% of the population realizing it. I do network security for a living, am a privacy fanatic, and figured I'd learn a few new things. I was overwhelmed by the amount of new information I learned. Reading this book was a humbling yet exhilirating experience. Some of the sections are written so clearly a lay person could understand them, but other sections assume a great deal of knowledge of computer lore, particularly TCP/IP networking. Buy this book, then run silent, run deep.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Product Images from Customers

Most Recent Customer Reviews

Search
ARRAY(0xa4d03bb8)