did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9781593270469

Silence On The Wire

by
  • ISBN13:

    9781593270469

  • ISBN10:

    1593270461

  • Format: Paperback
  • Copyright: 2005-04-30
  • Publisher: No Starch Pr
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $39.95

Summary

Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an in-depth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The book tackles a variety of challenging topics, often crossing the line between computer science and mathematics and electronics.

Table of Contents

Foreword xix
Solar Designer
Introduction xxiii
A Few Words about Me xxiii
About This Book xxiv
PART I: THE SOURCE
I Can Hear You Typing
3(18)
The Need for Randomness
4(3)
Automated Random Number Generation
6(1)
The Security of Random Number Generators
7(1)
I/O Entropy: This Is Your Mouse Speaking
8(5)
Delivering Interrupts: A Practical Example
8(3)
One-Way Shortcut Functions
11(1)
The Importance of Being Pedantic
12(1)
Entropy Is a Terrible Thing to Waste
13(1)
Attack: The Implications of a Sudden Paradigm Shift
14(5)
A Closer Look at Input Timing Patterns
15(3)
Immediate Defense Tactics
18(1)
Hardware RNG: A Better Solution?
18(1)
Food for Thought
19(2)
Remote Timing Attacks
19(1)
Exploiting System Diagnostics
20(1)
Reproducible Unpredictability
20(1)
Extra Efforts Never Go Unnoticed
21(30)
Boole's Heritage
21(1)
Toward the Universal Operator
22(3)
DeMorgan at Work
23(1)
Convenience Is a Necessity
24(1)
Embracing the Complexity
25(1)
Toward the Material World
25(1)
A Nonelectric Computer
26(1)
A Marginally More Popular Computer Design
27(1)
Logic Gates
27(1)
From Logic Operators to Calculations
28(3)
From Electronic Egg Timer to Computer
31(1)
Turing and Instruction Set Complexity
32(9)
Functionality, at Last
34(1)
Holy Grail: The Programmable Computer
35(1)
Advancement through Simplicity
35(1)
Split the Task
36(1)
Execution Stages
37(1)
The Lesser Memory
38(1)
Do More at Once: Pipelining
39(1)
The Big Problem with Pipelines
40(1)
Implications: Subtle Differences
41(3)
Using Timing Patterns to Reconstruct Data
42(1)
Bit by Bit
42(2)
In Practice
44(4)
Early-Out Optimization
44(2)
Working Code---Do It Yourself
46(2)
Prevention
48(1)
Food for Thought
49(2)
Ten Heads of the Hydra
51(6)
Revealing Emissions: Tempest in the TV
52(1)
Privacy, Limited
53(4)
Tracking the Source: ``He Did It!''
54(1)
``Oops'' Exposure: *_ ~lq'@@ ... and the Password Is ...
55(2)
Working for the Common Good
57(8)
PART II: SAFE HARBOR
Blinkenlights
65(24)
The Art of Transmitting Data
66(14)
From Your Email to Loud Noises . . . Back and Forth
68(5)
The Day Today
73(1)
Sometimes, a Modem Is Just a Modem
74(1)
Collisions Under Control
75(1)
Behind the Scenes: Wiring Soup and How We Dealt with It
76(2)
Blinkenlights in Communications
78(2)
The Implications of Aesthetics
80(1)
Building Your Own Spy Gear
81(1)
. . . And Using It with a Computer
82(3)
Preventing Blinkenlights Data Disclosure---and Why It Will Fail
85(3)
Food for Thought
88(1)
Echoes of the Past
89(6)
Building the Tower of Babel
90(2)
The OSI Model
91(1)
The Missing Sentence
92(2)
Food for Thought
94(1)
Secure in Switched Networks
95(8)
Some Theory
96(3)
Address Resolution and Switching
96(1)
Virtual Networks and Traffic Management
97(2)
Attacking the Architecture
99(2)
CAM and Traffic Interception
100(1)
Other Attack Scenarios: DTP, STP, Trunks
100(1)
Prevention of Attacks
101(1)
Food for Thought
101(2)
US Versus Them
103(10)
Logical Blinkenlights and Their Unusual Application
105(1)
Show Me Your Typing, and I Will Tell You Who You Are
105(1)
The Unexpected Bits: Personal Data All Around
106(1)
Wi-Fi Vulnerabilities
107(6)
PART III: OUT IN THE WILD
Foreign Accent
113(38)
The Language of the Internet
114(4)
Naive Routing
115(1)
Routing in the Real World
116(1)
The Address Space
116(2)
Fingerprints on the Envelope
118(1)
Internet Protocol
118(6)
Protocol Version
119(1)
The Header Length Field
119(1)
The Type of Service Field (Eight Bits)
120(1)
The Total Packet Length (16 Bits)
120(1)
The Source Address
120(1)
The Destination Address
121(1)
The Fourth Layer Protocol Identifier
121(1)
Time to Live (TTL)
121(1)
Flags and Offset Parameters
122(1)
Identification Number
123(1)
Checksum
124(1)
Beyond Internet Protocol
124(1)
User Datagram Protocol
125(1)
Introduction to Port Addressing
125(1)
UDP Header Summary
126(1)
Transmission Control Protocol Packets
126(8)
Control Flags: The TCP Handshake
127(3)
Other TCP Header Parameter's
130(2)
TCP Options
132(2)
Internet Control Message Protocol Packets
134(1)
Enter Passive Fingerprinting
135(7)
Examining IP Packets: The Early Days
135(1)
Initial Time to Live (IP Layer)
136(1)
The Don't Fragment Flag (IP Layer)
136(1)
The IP ID Number (IP Layer)
137(1)
Type of Service (IP Layer)
137(1)
Nonzero Unused and Must Be Zero Fields (IP and TCP Layers)
138(1)
Source Port (TCP Layer)
138(1)
Window Size (TCP Layer)
139(1)
Urgent Pointer and Acknowledgment Number Values (TCP Layer)
139(1)
Options Order and Settings (TCP Layer)
140(1)
Window Scale (TCP Layer, Option)
140(1)
Maximum Segment Size (TCP Layer, Option)
140(1)
Time-Stamp Data (TCP Layer, Option)
140(1)
Other Passive Fingerprinting Venues
141(1)
Passive Fingerprinting in Practice
142(1)
Exploring Passive-Fingerprinting Applications
143(3)
Collecting Statistical Data and Incident Logging
144(1)
Content Optimization
144(1)
Policy Enforcement
144(1)
Poor Man's Security
145(1)
Security Testing and Preattack Assessment
145(1)
Customer Profiling and Privacy Invasion
145(1)
Espionage and Covert Reconnaissance
146(1)
Prevention of Fingerprinting
146(1)
Food for Thought: The Fatal Flaw of IP Fragmentation
147(4)
Breaking TCP into Fragments
148(3)
Advanced Sheep-Counting Strategies
151(22)
Benefits and Liabilities of Traditional Passive Fingerprinting
151(3)
A Brief History of Sequence Numbers
154(1)
Getting More Out of Sequence Numbers
155(1)
Delayed Coordinates: Taking Pictures of Time Sequences
156(4)
Pretty Pictures: TCP/IP Stack Gallery
160(6)
Attacking with Attractors
166(3)
Back to System Fingerprinting
169(1)
ISNProber---Theory in Action
169(1)
Preventing Passive Analysis
170(1)
Food for Thought
171(2)
In Recognition of Anomalies
173(16)
Packet Firewall Basics
174(6)
Stateless Filtering and Fragmentation
175(1)
Stateless Filtering and Out-of-Sync Traffic
176(1)
Stateful Packet Filters
177(1)
Packet Rewriting and NAT
178(1)
Lost in Translation
179(1)
The Consequences of Masquerading
180(1)
Segment Size Roulette
181(2)
Stateful Tracking and Unexpected Responses
183(1)
Reliability or Performance: The DF Bit Controversy
184(2)
Path MTU Discovery Failure Scenarios
184(2)
The Fight against PMTUD, and Its Fallout
186(1)
Food for Thought
186(3)
Stack Data Leaks
189(4)
Kristjan's Server
189(1)
Surprising Findings
190(1)
Revelation: Phenomenon Reproduced
191(1)
Food for Thought
192(1)
Smoke and Mirrors
193(6)
Abusing IP: Advanced Port Scanning
194(3)
Tree in the Forest: Hiding Yourself
194(1)
Idle Scanning
195(2)
Defense against Idle Scanning
197(1)
Food for Thought
198(1)
Client Identification: Papers, Please!
199(20)
Camouflage
200(2)
Approaching the Problem
201(1)
Towards a Solution
201(1)
A (Very) Brief History of the Web
202(1)
A HyperText Transfer Protocol Primer
203(2)
Making HTTP Better
205(6)
Latency Reduction: A Nasty Kludge
205(2)
Content Caching
207(2)
Managing Sessions: Cookies
209(1)
When Cookies and Caches Mix
210(1)
Preventing the Cache Cookie Attack
211(1)
Uncovering Treasons
211(6)
A Trivial Case of Behavioral Analysis
212(2)
Giving Pretty Pictures Meaning
214(1)
Beyond the Engine
215(1)
. . . And Beyond Identification
216(1)
Prevention
217(1)
Food for Thought
217(2)
The Benefits of Being a Victim
219(8)
Defining Attacker Metrics
220(3)
Protecting Yourself: Observing Observations
223(1)
Food for Thought
224(3)
PART IV: THE BIG PICTURE
Parasitic Computing, or How Pennies Add Up
227(16)
Nibbling at the CPU
228(3)
Practical Considerations
231(1)
Parasitic Storage: The Early Days
232(2)
Making Parasitic Storage Feasible
234(7)
Applications, Social Considerations, and Defense
241(1)
Food for Thought
242(1)
Topology of the Network
243(10)
Capturing the Moment
244(1)
Using Topology Data for Origin Identification
245(3)
Network Triangulation with Mesh-Type Topology Data
248(1)
Network Stress-Analysis
248(3)
Food for Thought
251(2)
Watching the Void
253(8)
Direct Observation Tactics
254(2)
Attack Fallout Traffic Analysis
256(3)
Detecting Malformed or Misdirected Data
259(1)
Food for Thought
260(1)
Closing Words 261(2)
Bibliographic Notes 263(6)
Index 269

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program