Book Review - Silence on the Wire by Michal Zalewski
Just when you thought you had a decent handle on how to protect yourself on-line, out comes a book that exposes a whole new series of exploits you probably haven't thought about... Silence on the Wire by Michal Zalewski.
Chapter List: I Can Hear You Typing; Extra Efforts Never Go Unnoticed; Ten Heads Of The Hydra; Working For The Common Good; Blinkenlights; Echoes Of The Past; Secure In Switched Networks; Us Versus Them; Foreign Accent; Advanced Sheep-Counting Strategies; In Recognition Of Anomalies; Stack Data Leaks; Smoke And Mirrors; Client Identification: Papers, Please!; The Benefits Of Being A Victim; Parasitic Computing, Or How Pennies Add Up; Topology Of The Network; Watching The Void; Closing Words; Bibliographic Notes; Index
The subtitle of this book is "a field guide to passive reconnaissance and indirect attacks", and that gives you a pretty good idea as to the direction that Zalewski is going with his information. While most security books deal with active attacks designed to either take over your system or crash it, Silence is more concerned with how you may be inadvertently giving up more information than you think. This may happen based on detailed analysis of the timing patterns on data sent over the network. By careful analysis, it's possible to deduce a significant percentage of the data, leaving the rest of the data vulnerable to statistical analysis and attack. Visual representation of IP sequence numbers can also give strong indications as to what type of system may be sending the packets. It could even be something as "innocent" as hi-tech monitoring of the blinking lights on the front of your modem. These types of attacks are not "script-kiddy" exploits, in that there is a lot of theory and analysis involved in interpreting the results. But the fact remains that someone you can't see may be getting more information about you than you think.
Zalewski goes into a lot of detail about the architectural underpinnings of a system in order to set the stage for the type of monitoring that can happen. If you're just looking for "how do I do a timing attack?", you'll probably go away very frustrated. But if you're the type of reader who asks "how does the design of a system facilitate that type of information leakage?", you'll definitely treasure this volume. The type of information that Zalewski covers here isn't readily available in any other single volume. Therefore, it fills a gap in the security library that most people don't even realize exists.
A good read that will open your eyes to problems you weren't even aware of...