A Field Guide to Passive Reconnaissance and Indirect Attacks

Read a review of the security book: Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks.

This article can also be found in the Premium Editorial Download: Information Security magazine: What's the best IT security advice you've ever received?

Silence on the Wire: A field guide to passive reconnaissance and indirect attacks
By Michal Zalewski
No Starch Press, 312 pages, $39.95
www.nostarch.com

Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks explores the uncharted territories of computer and network security, developing novel, but perhaps limited, attack methodologies.

Some of the attack methods might be familiar (password disclosure via SSH keystroke timing, remotely reading data from LED traffic activity lights on modems), while others won't be. Author Michal Zalewski's contribution--the open-source "p0f," a passive OS-fingerprinting utility--adopts a subtle approach to identifying a remote host's operating system; instead of blasting the host with packets and analyzing the responses, it stealthily gathers the packets naturally transmitted by the target. Of course, this requires more strategy and patience from the attacker, and, ultimately, the practical utility of the tool is hampered.

The highlight of Silence is deep in the final chapters. Zalewski shows how Internet protocols can be exploited--literally stretched beyond their intended use--to create functional equivalents of fundamental computing resources. For example, the SMTP mail service can be used as nonpersistent data storage by sending mail to a nonexistent host, which will typically be returned to the sender for up to seven days. The possibility is fascinating.

The format of each short chapter is largely the same: a long background section, eventually delivering the punch line--one of the extraordinarily clever hacks or attack methods. Unfortunately, the climaxes of the chapters often fizzle, with Zalewski briefly sketching some of the possible attack methods without details or confirmation of the probability of the approach. Instead, he overtly encourages the reader to pursue the research on his or her own.

Although the attack sketches are captivating (e.g., tricking Web-indexing search engines such as Google into following specially crafted URLs resulting in anonymous Web attacks), often the partial development of the concept leaves the reader wanting more. Although some of the methods may be feasible and have some lasting impact in the field, the impact of many of the others is probably negligible.

Ultimately, Silence is an interesting compendium of security curios. The presentation is breezy and irreverent, perhaps making this good beach reading for security geeks who aren't afraid of the sun.

--Patrick Mueller

Top Shelf
Visit SearchSecurity.com's Information Security Bookshelf for chapter downloads from these books and more.

VoIP Security
By James F. Ransome and John Rittinghouse
Digital Press

Rootkits: Subverting the Windows Kernel
By Greg Hoglund and Jamie Butler
Addison-Wesley Professional

Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
Information Shield

The Art of Deception: Controlling the Human Element of Security
By Kevin Mitnick and William L. Simon
John Wiley & Sons

Cryptography for Dummies
By Chey Cobb
John Wiley & Sons

Malware: Fighting Malicious Code
By Ed Skoudis and Lenny Zeltser
Prentice Hall PTR

This was first published in August 2005
