The Tao of Network Security Monitoring Beyond Intrusion Detection
by Richard Bejtlich
Rootkits: Subverting the Windows Kernel
by Greg Hoglund; James Butler
Hacking: The Art of Exploitation, 2nd Edition
by Jon Erickson
Java Persistence with Hibernate
by Christian Bauer; Gavin King
The Manga Guide to Statistics
by Shin Takahashi
Practical Packet Analysis, 1st Edition
by Chris Sanders
Wicked Cool PHP
by William Steinmetz; Brian Ward
There are many ways that a potential attacker can intercept information, or learn more about the sender, as the information travels over a network. Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems.
Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an in-depth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The system administrator can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics.
Average Amazon.com® Rating: based on 27 ratings
Interesting but academic - 2008-02-06
Zalewski brought up a number of interesting and very innovative security situations and possibilities. The statistical derivation of content based upon CPU utilization is something I had never even considered... but at the same time it looks like it could be more work than someone would be willing to invest. The writing style is also slightly academic. A fair amount of time is spent giving background and information about a topic when those who may see the situation will probably already understand the history. I will have to admit that this was not a page turner, but I am very happy I bought this book. It was just a little difficult to get through at times.
Most interesting security-related book I've read since Applied Cryptography - 2009-04-06
Before I bought this book I had seen some of Zalewski's work: his museum of broken packets and his famous Mozilla Firefox vulnerability reports. Because of that, I suspected Zalewski's book would be worth reading. Well, it actually turned out to be much more than that.
Silence on the Wire is an awesome book, clearly targeted for security enthusiasts. In its 18 chapters, it shows many different (and often undetectable) ways in which an attacker can obtain useful information just by watching the way your systems behave. Did you know that in some cases it's possible to determine an attacker's system clock time that is port-scanning one of your boxes? Did you know that there are ways to identify decoys and spoofed packets? Or that you can recover the information being transmitted by a modem just by observing its LEDs? Reading the book you may find that your Ethernet card is leaking kernel-space information, that your system's pseudo-random-number-generator is not that random but totally predictable or that someone is remotely port-scanning your server while all you can see are incoming TCP SYN packets coming from a trusted box.
Every chapter starts with an introduction, then discusses one or more attack vectors and finally gives some "food for thought", that is, ideas for further research or further paranoia. Sometimes those introductions are longer than they should be but at the same time they provide the background required to understand what comes next. For every chapter, the book also includes a list of references to relevant papers, specifications or research projects.
It is true that the book is 5 years old, but believe me, I didn't find a single line that was outdated. Hey, the book even talks about Kaminsky's recent DNS vulnerability research and it was published 4 years before it became public! It's fair to say that some of the techniques explained in the book are difficult to use in real world situations but still, they will give you an idea of all the threats you are exposed to. Things can sometimes get scary...
Honestly, I highly recommend this book for anyone that enjoys network security from a technical point of view, anyone that has to protect critical systems against skilled attackers, or anyone that is interested in knowing how much someone can know about a computer system just using passive and undetectable techniques. I think this is the most interesting security-related book I've read since Schneier's "Applied Cryptography".
Very untrustworthy - 2008-11-06
Never trust a person that writes about things that he or she does not understand.
The citation below contains several very serious errors.
--------Chapter 16, Page 228 (footnote)-------
Non-polynomial (NP) problems have no known solutions of this nature [polynomial time solutions] and may require dramatically more time to solve as the input length increases, exhibiting, for example, exponential dependency. A subset of NP problems, known as NP complete, are proven to have no polynomial time solutions.
----------------------------------------------
The errors are:
1. "NP" does not mean "Non-polynomial" but "Non-deterministic Polynomial" (which are VERY different things).
2. Many NP problems do have known polynomial solutions, and it is possible that all of them have (still unknown) polynomial solutions.
3. None of the NP-complete problems have been proved to lack polynomial time solutions... Indeed, any such proof would solve the famous "P vs NP" problem, a central open problem in computer science that has an associated prize of one million dollars from the Clay Mathematics Institute.
Granted that the book is not about complexity theory, but still, how could you trust any information in the book after this?
Great reading - 2008-07-23
A must for any IT security/networking engineer. Great read, great price, informative yet entertaining.
Great read - 2008-06-15
Nutshell review - This is a great read. Very entertaining and informative. Will really open your eyes and make you think about unusual information security issues and attack vectors.
Some information on this page was provided using data from Amazon.com®.