What do you think?
Rate this book
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
There are many ways that a potential attacker can intercept information, or learnmore about the sender, as the information travels over a network. Silence on the Wireuncovers these silent attacks so that system administrators can defend against them,as well as better understand and monitor their systems.
Silence on the Wire dissects several unique and fascinating security andprivacy problems associated with the technologies and protocols used in everydaycomputing, and shows how to use this knowledge to learn more about others or tobetter defend systems. By taking an indepth look at modern computing, from hardwareon up, the book helps the system administrator to better understand security issues,and to approach networking from a new, more creative perspective. The sys admin canapply this knowledge to network monitoring, policy enforcement, evidence analysis,IDS, honeypots, firewalls, and forensics.
Silence on the Wire dissects several unique and fascinating security andprivacy problems associated with the technologies and protocols used in everydaycomputing, and shows how to use this knowledge to learn more about others or tobetter defend systems. By taking an indepth look at modern computing, from hardwareon up, the book helps the system administrator to better understand security issues,and to approach networking from a new, more creative perspective. The sys admin canapply this knowledge to network monitoring, policy enforcement, evidence analysis,IDS, honeypots, firewalls, and forensics.
312 pages, Paperback
First published January 1, 2005
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 30 of 33 reviews
August 29, 2008
Amazon 2008-07-12, recommendation from a friend.
An InfoSec book with truly new perspectives, let alone detailed technique, is one of the world's great rarities -- we Defenders of the True Faith, protecting the Internet and her citizens, normally must scour the academic literature, hunt down the deep Webs running on zombied machines for the lancing, draining, and strip-mining of information on Romanian, Russian, and Chinese efforts, and perform our own small researches and inquisitions under night-roiled skies, hidden in shadows, CAT-5e umbilical cords tethered to a world that might as well not exist aside from the content it sends careening through the Backbone at two-thirds the speed of light. Ή ταν ή επί τας: either this, or upon this: the words of Spartan mothers (according to Plutarch) to their warrior-children, marching within the sharp orthogonals of the phalanx...
Excuse me, I ramble. Zalewski has put together a fine book, packed with sophisticated and inventive attacks and defenses. I can pretty well assure even the most skillful and aware NetWarrior will find something in here worth the price of admission. Go find it used.
An InfoSec book with truly new perspectives, let alone detailed technique, is one of the world's great rarities -- we Defenders of the True Faith, protecting the Internet and her citizens, normally must scour the academic literature, hunt down the deep Webs running on zombied machines for the lancing, draining, and strip-mining of information on Romanian, Russian, and Chinese efforts, and perform our own small researches and inquisitions under night-roiled skies, hidden in shadows, CAT-5e umbilical cords tethered to a world that might as well not exist aside from the content it sends careening through the Backbone at two-thirds the speed of light. Ή ταν ή επί τας: either this, or upon this: the words of Spartan mothers (according to Plutarch) to their warrior-children, marching within the sharp orthogonals of the phalanx...
Excuse me, I ramble. Zalewski has put together a fine book, packed with sophisticated and inventive attacks and defenses. I can pretty well assure even the most skillful and aware NetWarrior will find something in here worth the price of admission. Go find it used.
October 13, 2007
This is probably the best-written guide to how networks and operating systems themselves work, and how knowledge of how these things do what they do in their own special way reveals much about what specifically is doing the talking. If that makes any sense. I loved it.
December 18, 2018
Silence on the Wire's topic, passive listening to determine the information processed by a system, has never been more topical than now.
I was looking forward to reading a book that illustrates some of these attack vectors and maybe some feasible usage and defence scenarios.
In reality though, this book is about 80% basic computer science and 20% computer security. The strange things is that most of the basic computer science is pretty irrelevant to the actual attacks which are described at a high level with a little application and defence. I couldn't work out why there was so much on boolean arthmetic and many other topics when it was barely used in the attacks.
Although it's still a good resource to get some ideas of different passive attacks, the amount of padding doesn't render it as a particularly engaging book. I also found there was a lack of organisation; nothing really builds up to a whole. Attacks are arranged arbitrarily and some major pieces are glossed over.
I can't help but feel it could be reduced by 60% and made into a short guide to different types of attack.
I was looking forward to reading a book that illustrates some of these attack vectors and maybe some feasible usage and defence scenarios.
In reality though, this book is about 80% basic computer science and 20% computer security. The strange things is that most of the basic computer science is pretty irrelevant to the actual attacks which are described at a high level with a little application and defence. I couldn't work out why there was so much on boolean arthmetic and many other topics when it was barely used in the attacks.
Although it's still a good resource to get some ideas of different passive attacks, the amount of padding doesn't render it as a particularly engaging book. I also found there was a lack of organisation; nothing really builds up to a whole. Attacks are arranged arbitrarily and some major pieces are glossed over.
I can't help but feel it could be reduced by 60% and made into a short guide to different types of attack.
March 26, 2010
Silence on the Wire provides fascinating insight into security - rather than discussing the traditional security issues, rooted largely in implementation bugs, it discusses how the design of the fundamental protocols and technologies of the Internet creates room for subtle and sophisticated uses above and beyond what their designers intended.
June 11, 2007
Absolutely fantastic book, a great survey of network analysis and passive reconnaissance. Zalewski's insights are ingenious. A definite must read for anyone studying network security.
May 16, 2021
An eye-opening introduction to network security.
The author (currently VP of Security & Privacy Engineering at Snapchat) has a remarkable understanding of the nitty-gritty details of how any information (bits) is created and later "travels" between devices over the network.
You will learn about:
- randomness and entropy and how inborn deterministic nature of machines can constitute a vulnerability
- binary representation that lies at the foundations of computing, especially binary operators XOR, NAND, NOR
- data processing and pipelining that allows for scalability of computing
- TEMPEST as a set of techniques associated with electromagnetic emanation that reveals information
- blinkenlights and NRZ (non return to zero) and biphasic encoding
- OSI: second layer: Ethernet networks, VLANs, trunking (Dynamic Trunking Protocol), STP (Spanning Tree Protocol), SNMP (Single Network Management Protocol)
- OSI: third layer: Internet Protocol (IP) - language of the Internet
- OSI: fourth layer: TCP and passive system profiling
- firewalls (stateless and stateful) and port scanning
- OSI: seventh layer: HTTP, cache and cookies
- parasite computing & storage (how to leverage network resources)
- network topologies, blackhole monitoring
The author (currently VP of Security & Privacy Engineering at Snapchat) has a remarkable understanding of the nitty-gritty details of how any information (bits) is created and later "travels" between devices over the network.
You will learn about:
- randomness and entropy and how inborn deterministic nature of machines can constitute a vulnerability
- binary representation that lies at the foundations of computing, especially binary operators XOR, NAND, NOR
- data processing and pipelining that allows for scalability of computing
- TEMPEST as a set of techniques associated with electromagnetic emanation that reveals information
- blinkenlights and NRZ (non return to zero) and biphasic encoding
- OSI: second layer: Ethernet networks, VLANs, trunking (Dynamic Trunking Protocol), STP (Spanning Tree Protocol), SNMP (Single Network Management Protocol)
- OSI: third layer: Internet Protocol (IP) - language of the Internet
- OSI: fourth layer: TCP and passive system profiling
- firewalls (stateless and stateful) and port scanning
- OSI: seventh layer: HTTP, cache and cookies
- parasite computing & storage (how to leverage network resources)
- network topologies, blackhole monitoring
July 23, 2017
I came in a little skeptical: it's a book from 2005, and I already knew how Ethernet works and why you should make sure your encryption runs in constant time. But this was legitimately an interesting read, with many points and takeaways still interesting and applicable in 2017. If the idea of _understanding_ what the computer is doing -- and what implications that has on all kinds of security -- appeals to you, it's a book for you.
May 21, 2020
This was an interesting overview of how infomation is processed from the local system, to the local network, and then the Internet. The author does a good job of explaining how the various protocols were designed and the vulnerabilities built into these implementations, along with some possible threats. I would definitely recommend this book to someone getting started in network security.
February 5, 2021
Long-winded for the sake of being long-winded in many places, but this book predominantly gets one star because it breaks the fourth wall early and assumes all its readers are male. I know it's a choice that had to be made, and the majority of the industry is male, but that's why I'll stick out over here with my one lonely star.
April 27, 2019
An awesome book. I understood quite a bit about TCP/IP, what can be learned from modem lights, and why my dial-up modem made those funny noises, all these years ago. A lot can be learned about a network by only listening, and this book shows how.
December 24, 2017
One of the best hacking books I have ever read. Absolutely mandatory for infosec professionals and hackers.
Read
August 29, 2019Libro che non ho finito, ma che ho assai apprezzato: è abbastanza tecnico, ma se qualcuno desidera farsi un'idea del mondo della sicurezza informatica... c'è di che stupirsi!!
February 12, 2020
I love how this book describes how the internet became what its now. I would suggest it for a getting started for anyone doing anything related to the web and not only.
June 14, 2021
Pretty good stuff. Didn't flow as well as I would have liked.
December 9, 2023
A fascinating book about security vulnerabilities and attacks, many of which I never would have thought of.
Read
May 13, 2024I'm yet to say a word about this book!
September 14, 2016
Author Michal Zalewski is respected in the hacking and security communities for his\n intelligence, curiosity and creativity, and this book is truly unlike anything else.\n Silence on the Wire is no humdrum white paper or how-to manual for protecting\n one's network. Rather, this narrative explores a variety of unique, uncommon and\n often elegant security challenges that defy classification and eschew the traditional\n attacker-victim model.
There are many ways that a potential attacker can intercept information, or learn more about the sender, as the information travels over a network. Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems.
*Silence on the Wire* dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an indepth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The sys admin can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics.
February 25, 2017
Despite the fact that this book is a little old as for the IT book about security, it is still an interesting read. Different look at security problems
March 12, 2020
MUSIC IS THE SILENCE BETWEEN THE NOTES (DEBUSSY)
Dokumentiert das kreative Ausnutzen unbeabsichtigter Nebeneffekte in informationstechnischen Produkten; viele (konkrete) Anwendungsbeispiele waren zuletzt zwischen 1997-2004 relevant, manche sind es noch. Die Ansätze, um von einem Gegner unbeabsichtigte Auskünfte über ein Zielobjekt zu gewinnen, sind zumindest prinzipiell übertragbar: Unaufmerksame Entwickler, unvollständige Spezifikationen, kryptoanalytische Naivität und logische Fortgänge bestimmter Entwurfsentscheidungen, die sich missbrauchen aber dank gewachsenem Überbau nicht leicht korrigieren lassen, begleiten die IT weiterhin (heute z.B. Keylogger auf Basis von Smartphone-Sensoren und Machine Learning, Metadaten-basierte Rekonstruktionen oder Cache/Timing-basierte Seitenkanalangriffen wie Meltdown und Spectre).
Einige Techniken wurden gegen Produktivsysteme probiert, andere in Testumgebungen oder nur hypothetisch weitergedacht, die technischen Grundlagen für jeden Ansatz werden im Vorfeld eingeführt, kann man unnötig finden, sind aber meist knapp und sympathisch beschrieben (Logikgatter aus Holz). Zalewski beginnt ganz nah mit der verräterischen Stille zwischen Tastenanschlägen (timing patterns) und endet bei weit entfernten Rechnern in komplexeren Netzwerken.
Silence on the Wire behandelt die technische Aufklärung (reconnaissance) - vor allem durch Fingerprinting und Timing-Patterns, nebst Emission-Attacks oder Dateileaks (nicht-genullte Puffer, Autofills oder zB. Rechneradressen in v1-GUIDs). In Mülleimern, sozialen Netzwerken oder Google-Ergebnissen wird nicht gewühlt, Social Engineering ist auch kein Thema.
Hatte Freude mit dem Buch, vieles war mir mehr oder weniger bekannt, und wo weniger, passt es gut, dass Zalweski nicht mit technischen Details geizt. Fav-Kapitel waren "Strange Attractors ..." über Phasenraumrekonstruktion, und Parasitic bzw. Volatile Computing.
Weiteres siehe Goodreads-Leseverlauf (meine Kapitelzusammenfassungen).
Dokumentiert das kreative Ausnutzen unbeabsichtigter Nebeneffekte in informationstechnischen Produkten; viele (konkrete) Anwendungsbeispiele waren zuletzt zwischen 1997-2004 relevant, manche sind es noch. Die Ansätze, um von einem Gegner unbeabsichtigte Auskünfte über ein Zielobjekt zu gewinnen, sind zumindest prinzipiell übertragbar: Unaufmerksame Entwickler, unvollständige Spezifikationen, kryptoanalytische Naivität und logische Fortgänge bestimmter Entwurfsentscheidungen, die sich missbrauchen aber dank gewachsenem Überbau nicht leicht korrigieren lassen, begleiten die IT weiterhin (heute z.B. Keylogger auf Basis von Smartphone-Sensoren und Machine Learning, Metadaten-basierte Rekonstruktionen oder Cache/Timing-basierte Seitenkanalangriffen wie Meltdown und Spectre).
Einige Techniken wurden gegen Produktivsysteme probiert, andere in Testumgebungen oder nur hypothetisch weitergedacht, die technischen Grundlagen für jeden Ansatz werden im Vorfeld eingeführt, kann man unnötig finden, sind aber meist knapp und sympathisch beschrieben (Logikgatter aus Holz). Zalewski beginnt ganz nah mit der verräterischen Stille zwischen Tastenanschlägen (timing patterns) und endet bei weit entfernten Rechnern in komplexeren Netzwerken.
Silence on the Wire behandelt die technische Aufklärung (reconnaissance) - vor allem durch Fingerprinting und Timing-Patterns, nebst Emission-Attacks oder Dateileaks (nicht-genullte Puffer, Autofills oder zB. Rechneradressen in v1-GUIDs). In Mülleimern, sozialen Netzwerken oder Google-Ergebnissen wird nicht gewühlt, Social Engineering ist auch kein Thema.
Hatte Freude mit dem Buch, vieles war mir mehr oder weniger bekannt, und wo weniger, passt es gut, dass Zalweski nicht mit technischen Details geizt. Fav-Kapitel waren "Strange Attractors ..." über Phasenraumrekonstruktion, und Parasitic bzw. Volatile Computing.
Weiteres siehe Goodreads-Leseverlauf (meine Kapitelzusammenfassungen).
December 5, 2014
This book is probably one of my favorite books on security. Many security books rehash old topics that have almost been covered time and time again but this one does not. Fortunately, Michal Zalewski takes a very interesting approach to security. It is a very unique book because he takes a look at security vulnerabilities that involve passive reconnaissance. I really enjoyed learning about typing timing patterns, the blinking light vulnerability on modems and parasitic storage (and computing) were my favorite topics covered in his book.
One of my favorite parts about the book is that he will begin to go into talking about how a specific piece of technology works (and you will be wondering, okay where is he going with this) and then right at the end you will suddenly understand the significance of it all and why the vulnerability occurs. I also really liked the part where he was talking about NMAP or Port Scans and how since the scanner uses a Linear Congruent Generator to generate the order of the ports to scan randomly I had never thought about how this could actually reveal the attackers time zone because given output from a weak LCG you can recover the seed used in the generator (which is often the time in milliseconds since January 1st 1970 I believe). I know NMAP has attempted to fix this by getting entropy from /dev/urandom but it still would be amazing as a forensic tool when tracking down a malicious attacker. I also thought his section on web bots was a very creative and ingenious paper.
Above all this book inspires you to think outside of the book and to realize that seemingly unimportant information might not be so unimportant after all.
One of my favorite parts about the book is that he will begin to go into talking about how a specific piece of technology works (and you will be wondering, okay where is he going with this) and then right at the end you will suddenly understand the significance of it all and why the vulnerability occurs. I also really liked the part where he was talking about NMAP or Port Scans and how since the scanner uses a Linear Congruent Generator to generate the order of the ports to scan randomly I had never thought about how this could actually reveal the attackers time zone because given output from a weak LCG you can recover the seed used in the generator (which is often the time in milliseconds since January 1st 1970 I believe). I know NMAP has attempted to fix this by getting entropy from /dev/urandom but it still would be amazing as a forensic tool when tracking down a malicious attacker. I also thought his section on web bots was a very creative and ingenious paper.
Above all this book inspires you to think outside of the book and to realize that seemingly unimportant information might not be so unimportant after all.
June 23, 2016
This is a book about passive detection. Or active detection. Or attacks. I really don't know, because the subject keeps jumping around so much you have no idea the point the author wants to make.
There are plenty explanations for stuff, but mostly is dumbed down to the point it doesn't even make sense. Besides that, you have explanations for attacks that sounds really scary/cool (depending on your point of view) but after you think a bit about it, it is really hard to execute and, with the necessary access to do so, you wouldn't really need this kind of stuff.
Also, there is plenty of "this author research" or "a research that yours truly did" that sounds more like "Hey, look how awesome I am" than "you should really worry about this thing".
About the edition, there are original articles in their original form, but they are presented in mono spaced font in a weird indentation that doesn't fit any layout you chose (landscape, two columns landscape, portrait). Also, there are chapter footnotes and book footnotes and both follow the same format, which means you will find a "[1]", followed by a "[100]", followed by a "[2]". And the author uses "Too," instead of "Also," which, for a non-native English speaking person like me, sounds strange as hell.
There are plenty explanations for stuff, but mostly is dumbed down to the point it doesn't even make sense. Besides that, you have explanations for attacks that sounds really scary/cool (depending on your point of view) but after you think a bit about it, it is really hard to execute and, with the necessary access to do so, you wouldn't really need this kind of stuff.
Also, there is plenty of "this author research" or "a research that yours truly did" that sounds more like "Hey, look how awesome I am" than "you should really worry about this thing".
About the edition, there are original articles in their original form, but they are presented in mono spaced font in a weird indentation that doesn't fit any layout you chose (landscape, two columns landscape, portrait). Also, there are chapter footnotes and book footnotes and both follow the same format, which means you will find a "[1]", followed by a "[100]", followed by a "[2]". And the author uses "Too," instead of "Also," which, for a non-native English speaking person like me, sounds strange as hell.
September 19, 2007
Genius work focusing on passive recon, and not a very hard read either. The explanation of the thoughts and discoveries behind his ideas is easily as interesting as the real-life examples of how they can be used. If you're trying to protect someone's data, you really NEED to understand what Zalewski has to say. And if you think your data can truly be secure, just try to understand, that is not the world we live in today...
I bought this book for myself at HOPE 2006, but it was so good I gave it to a friend and ordered another.
I bought this book for myself at HOPE 2006, but it was so good I gave it to a friend and ordered another.
May 28, 2016
This book focusses on security flaws that exist because of the way something was designed. They may not all be the most commonly exploited flaws, since some aren't so practical to take advantage of, but they sure are interesting to learn about. The book starts right within the heart of the computer and expands all the way out to the internet as a whole. It is less of a practical guide in that it neither really tells you how to exploit something, or how to protect you against said exploit, it merely seeks to explain how it works because of how things are.
April 9, 2017
Zalewski is renowned throughout the InfoSec industry for simply being incredible and bringing many new ways of thinking to the industry through his research.
In "Silence on the Wire", Zalewksi discusses security vulnerabilities and methods of attack that are simply mind-boggling. Although I've been in InfoSec for quite some time and there are areas of repetition for me, much of the book was fascinating and thought-provoking, from both a defender and attacker mindset.
The one downside is that the book is quite inaccessible I feel for someone new to InfoSec and may scare them off :)
In "Silence on the Wire", Zalewksi discusses security vulnerabilities and methods of attack that are simply mind-boggling. Although I've been in InfoSec for quite some time and there are areas of repetition for me, much of the book was fascinating and thought-provoking, from both a defender and attacker mindset.
The one downside is that the book is quite inaccessible I feel for someone new to InfoSec and may scare them off :)
May 23, 2013
I read this right after Zalewski got hired by Google as their web security guru. He has good perspective on security engineering and it is reflected in the pages of this book. As we obsess over the things we can see and secure, this book takes the approach of understanding the people, not very unlike Art of Deception in ages past. Not all the vectors are going to be obvious but you need to anticipate them.
July 3, 2015
It is a bit dated, and it will only get more so, but it only means you need to read it as soon as possible. For me it's a good example that an author can get in-depth about a technical subject and keep it interesting at all times. It really gave me some new insights about networking and it-sec. Solid recommendation!
February 28, 2016
Well another book finished that I have on my 'to-read-urgently' shelf since, well, I don't remember.
The only problem is that in the while most of the stuff is REALLY outdated, but still a pleasant read.
The only problem is that in the while most of the stuff is REALLY outdated, but still a pleasant read.
October 5, 2008
I love the way the author describes the ways in which information that is sent through networks becomes vulnerable to attacks or surveillance.
June 29, 2009
A fantastic and readable overview of a wide range of passive reconnaissance techniques, mixed with a good dose of computing history.
September 6, 2014
A bit dated but still interesting book about cool low level tricks. I was especially fascinated about first part of the book and those hardware hacks.
Displaying 1 - 30 of 33 reviews