Instant download Silence on the Wire 1593270461 pdf, docx, kindle format all chapters after payment. 1593270461, 9781593270469
Product details:
ISBN 10: 1593270461
ISBN 13: 9781593270469
Author: Michal Zalewski
Author Michal Zalewski has long been known and respected in the hacking and security communities for his intelligence, curiosity and creativity, and this book is truly unlike anything else out there. In Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, Zalewski shares his expertise and experience to explain how computers and networks work, how information is processed and delivered, and what security threats lurk in the shadows. No humdrum technical white paper or how-to manual for protecting one’s network, this book is a fascinating narrative that explores a variety of unique, uncommon and often quite elegant security challenges that defy classification and eschew the traditional attacker-victim model.
Table of contents:
I. The Source
1. I Can Hear You Typing
The Need for Randomness
Automated Random Number Generation
The Security of Random Number Generators
I/O Entropy: This Is Your Mouse Speaking
Delivering Interrupts: A Practical Example
One-Way Shortcut Functions
The Importance of Being Pedantic
Entropy Is a Terrible Thing to Waste
Attack: The Implications of a Sudden Paradigm Shift
A Closer Look at Input Timing Patterns
Immediate Defense Tactics
Hardware RNG: A Better Solution?
Food for Thought
Remote Timing Attacks
Exploiting System Diagnostics
Reproducible Unpredictability
2. Extra Efforts Never Go Unnoticed
Boole’s Heritage
Toward the Universal Operator
DeMorgan at Work
Convenience Is a Necessity
Embracing the Complexity
Toward the Material World
A Nonelectric Computer
A Marginally More Popular Computer Design
Logic Gates
From Logic Operators to Calculations
From Electronic Egg Timer to Computer
Turing and Instruction Set Complexity
Functionality, at Last
Holy Grail: The Programmable Computer
Advancement through Simplicity
Split the Task
Execution Stages
The Lesser Memory
Do More at Once: Pipelining
The Big Problem with Pipelines
Implications: Subtle Differences
Using Timing Patterns to Reconstruct Data
Bit by Bit . . .
In Practice
Early-Out Optimization
Working Code—Do It Yourself
Prevention
Food for Thought
3. Ten Heads of the Hydra
Revealing Emissions: TEMPEST in the TV
Privacy, Limited
Tracking the Source: “He Did It!”
“Oops” Exposure: *_~1q’@@ . . . and the Password Is . . .
4. Working for the Common Good
II. Safe Harbor
5. Blinkenlights
The Art of Transmitting Data
From Your Email to Loud Noises . . . Back and Forth
The Day Today
Sometimes, a Modem Is Just a Modem
Collisions Under Control
Behind the Scenes: Wiring Soup and How We Dealt with It
Blinkenlights in Communications
The Implications of Aesthetics
Building Your Own Spy Gear . . .
. . . And Using It with a Computer
Preventing Blinkenlights Data Disclosure—and Why It Will Fail
Food for Thought
6. Echoes of the Past
Building the Tower of Babel
The OSI Model
The Missing Sentence
Food for Thought
7. Secure in Switched Networks
Some Theory
Address Resolution and Switching
Virtual Networks and Traffic Management
Attacking the Architecture
CAM and Traffic Interception
Other Attack Scenarios: DTP, STP, Trunks
Prevention of Attacks
Food for Thought
8. Us versus Them
Logical Blinkenlights and Their Unusual Application
Show Me Your Typing, and I Will Tell You Who You Are
The Unexpected Bits: Personal Data All Around
Wi-Fi Vulnerabilities
III. Out in the Wild
9. Foreign Accent
The Language of the Internet
Naive Routing
Routing in the Real World
The Address Space
Fingerprints on the Envelope
Internet Protocol
Protocol Version
The Header Length Field
The Type of Service Field (Eight Bits)
The Total Packet Length (16 Bits)
The Source Address
The Destination Address
The Fourth Layer Protocol Identifier
Time to Live (TTL)
Flags and Offset Parameters
Identification Number
Checksum
Beyond Internet Protocol
User Datagram Protocol
Introduction to Port Addressing
UDP Header Summary
Transmission Control Protocol Packets
Control Flags: The TCP Handshake
Other TCP Header Parameters
TCP Options
Internet Control Message Protocol Packets
Enter Passive Fingerprinting
Examining IP Packets: The Early Days
Initial Time to Live (IP Layer)
The Don’t Fragment Flag (IP Layer)
The IP ID Number (IP Layer)
Type of Service (IP Layer)
Nonzero Unused and Must Be Zero Fields (IP and TCP Layers)
Source Port (TCP Layer)
Window Size (TCP Layer)
Urgent Pointer and Acknowledgment Number Values (TCP Layer)
Options Order and Settings (TCP Layer)
Window Scale (TCP Layer, Option)
Maximum Segment Size (TCP Layer, Option)
Time-Stamp Data (TCP Layer, Option)
Other Passive Fingerprinting Venues
Passive Fingerprinting in Practice
Exploring Passive-Fingerprinting Applications
Collecting Statistical Data and Incident Logging
Content Optimization
Policy Enforcement
Poor Man’s Security
Security Testing and Preattack Assessment
Customer Profiling and Privacy Invasion
Espionage and Covert Reconnaissance
Prevention of Fingerprinting
Food for Thought: The Fatal Flaw of IP Fragmentation
Breaking TCP into Fragments
10. Advanced Sheep-Counting Strategies
Benefits and Liabilities of Traditional Passive Fingerprinting
A Brief History of Sequence Numbers
Getting More Out of Sequence Numbers
Delayed Coordinates: Taking Pictures of Time Sequences
Pretty Pictures: TCP/IP Stack Gallery
Attacking with Attractors
Back to System Fingerprinting
ISNProber—Theory in Action
Preventing Passive Analysis
Food for Thought
11. In Recognition of Anomalies
Packet Firewall Basics
Stateless Filtering and Fragmentation
Stateless Filtering and Out-of-Sync Traffic
Stateful Packet Filters
Packet Rewriting and NAT
Lost in Translation
The Consequences of Masquerading
Segment Size Roulette
Stateful Tracking and Unexpected Responses
Reliability or Performance: The DF Bit Controversy
Path MTU Discovery Failure Scenarios
The Fight against PMTUD, and Its Fallout
Food for Thought
12. Stack Data Leaks
Kristjan’s Server
Surprising Findings
Revelation: Phenomenon Reproduced
Food for Thought
13. Smoke and Mirrors
Abusing IP: Advanced Port Scanning
Tree in the Forest: Hiding Yourself
Idle Scanning
Defense against Idle Scanning
Food for Thought
14. Client Identification: Papers, Please!
Camouflage
Approaching the Problem
Towards a Solution
A (Very) Brief History of the Web
A HyperText Transfer Protocol Primer
Making HTTP Better
Latency Reduction: A Nasty Kludge
Content Caching
Managing Sessions: Cookies
When Cookies and Caches Mix
Preventing the Cache Cookie Attack
Uncovering Treasons
A Trivial Case of Behavioral Analysis
Giving Pretty Pictures Meaning
Beyond the Engine . . .
. . . And Beyond Identification
Prevention
Food for Thought
15. The Benefits of Being a Victim
Defining Attacker Metrics
Protecting Yourself: Observing Observations
Food for Thought
IV. The Big Picture
16. Parasitic Computing, or How Pennies Add Up
Nibbling at the CPU
Practical Considerations
Parasitic Storage: The Early Days
Making Parasitic Storage Feasible
Applications, Social Considerations, and Defense
Food for Thought
17. Topology of the Network
Capturing the Moment
Using Topology Data for Origin Identification
Network Triangulation with Mesh-Type Topology Data
Network Stress Analysis
Food for Thought
18. Watching the Void
Direct Observation Tactics
Attack Fallout Traffic Analysis
Detecting Malformed or Misdirected Data
Food for Thought
A. Closing Words
B. Bibliographic Notes
Chapter 1
Chapter 2
Chapter 3
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 13
Chapter 14
Chapter 15
Chapter 16
Chapter 17
Chapter 18
People also search:
silence on the western front
a silence of mockingbirds
a silence of three parts
a silence haunts me runestad
Reviews
There are no reviews yet.