This article can also be found in the Premium Editorial Download "Information Security magazine: What's the best IT security advice you've ever received?."
Download it now to read this article plus other related content.
Silence on the Wire: A field guide to passive reconnaissance and indirect attacks
By Michal Zalewski
No Starch Press, 312 pages, $39.95
Silence on the Wire: A Field Guide to Passive Reconnaissance and
Indirect Attacks explores the uncharted territories of computer and network security, developing novel, but perhaps limited, attack methodologies.
Some of the attack methods might be familiar (password disclosure via SSH keystroke timing, remotely reading data from LED traffic activity lights on modems), while others won't be. Author Michal Zalewski's contribution--the open-source "p0f," a passive OS-fingerprinting utility--adopts a subtle approach to identifying a remote host's operating system; instead of blasting the host with packets and analyzing the responses, it stealthily gathers the packets naturally transmitted by the target. Of course, this requires more strategy and patience from the attacker, and, ultimately, the practical utility of the tool is hampered.
The highlight of Silence is deep in the final chapters. Zalewski shows how Internet protocols can be exploited--literally stretched beyond their intended use--to create functional equivalents of fundamental computing resources. For example, the SMTP mail service can be used as nonpersistent data storage by sending mail to a nonexistent host, which will typically be returned to the sender for up to seven days. The possibility is fascinating.@exb
|Silence on the Wire|
The format of each short chapter is largely the same: a long background section, eventually delivering the punch line--one of the extraordinarily clever hacks or attack methods. Unfortunately, the climaxes of the chapters often fizzle, with Zalewski briefly sketching some of the possible attack methods without details or confirmation of the probability of the approach. Instead, he overtly encourages the reader to pursue the research on his or her own.
Although the attack sketches are captivating (e.g., tricking Web-indexing search engines such as Google into following specially crafted URLs resulting in anonymous Web attacks), often the partial development of the concept leaves the reader wanting more. Although some of the methods may be feasible and have some lasting impact in the field, the impact of many of the others is probably negligible.
Ultimately, Silence is an interesting compendium of security curios. The presentation is breezy and irreverent, perhaps making this good beach reading for security geeks who aren't afraid of the sun.
Top Shelf Visit SearchSecurity.com's Information Security Bookshelf for chapter downloads from these books and more.
By James F. Ransome and John Rittinghouse
Rootkits: Subverting the Windows' Kernel By Greg Hoglund and Jamie Butler
Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
The Art of Deception: Controlling the Human Element of Security
By Kevin Mitnick and William L. Simon
John Wiley & Sons
Cyptography for Dummies By Chey Cobb
John Wiley & Sons
Malware: Fighting Malicious Code By Ed Skoudis and Lenny Zeltzer
Prentice Hall PTR
This was first published in August 2005