Customer Reviews


6 Reviews
5 star:
 (6)
4 star:    (0)
3 star:    (0)
2 star:    (0)
1 star:    (0)
 
 
 
 
 
Average Customer Review
Share your thoughts with other customers
Create your own review
 
 
Most Helpful First | Newest First

6 of 6 people found the following review helpful
5.0 out of 5 stars A book every bit as good as it's title, 2 Feb 2006
By 
Ian Barber (Brighton, UK) - See all my reviews
(REAL NAME)   
Silence on the Wire is, nominally, about network security. However, while it contains technical information this is far from a technical book. The focus of Zalewski's interest is on the unintended and the unexpected, the places where the systems that bind the internet together are a little ragged, and where the layers of abstraction in every piece of software don't quite match reality.
The book is full of amazingly clever attacks, but explained in a way that makes all the concepts completely clear. Early on for example, the author spends several pages explaining how to build up a computer processor (in wood, should one desire) in order to explain a series of ingenious ways of recovering information, such as code keys, by looking at how long processing them takes. Later he explains the basic protocols that make up the internet, in order to show how much information is placed, unintentionally, on the wire.
Michal Zalewski's love for this strange world of background noise and broken messages is self evident, and his wit and humour lend the book a relaxed air. Still, there is hardly any filler and I think it would be very hard to come away without having your mind opened, at least slightly, to the vast sea of information that there for anyone inquisitive enough to listen.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2 of 2 people found the following review helpful
5.0 out of 5 stars Most interesting security-related book I've read since Applied Cryptography, 6 April 2009
By 
L. Garcia (Spain.) - See all my reviews
(REAL NAME)   
Before I bought this book I had seen some of Zalewski's work: his museum of broken packets and his famous Mozilla Firefox vulnerability reports. Because of that, I suspected Zalewski's book would be worth reading. Well, It actually turned out to be much more than that.

Silence on the wire is an awesome book, clearly targeted for security enthusiasts. In its 18 chapters, it shows many different (and often undetectable) ways in which an attacker can obtain useful information just by watching the way your systems behave. Did you know that in some cases it's possible to determine an attacker's system clock time that is port-scanning one of your boxes? Did you know that there are ways to identify decoys and spoofed packets? Or that you can recover the information being transmitted by a modem just by observing its LEDs? Reading the book you may find that your Ethernet card is leaking kernel-space information, that your system's pseudo-random-number-generator is not that random but totally predictable or that someone is remotely port-scanning your server while all you can see are incoming TCP SYN packets coming from a trusted box.

Every chapter starts with an introduction, then discusses one or more attack vectors and finally gives some "food for thought", this is, ideas for further research or further paranoia. Sometimes those introductions are longer than they should but at the same time they provide the background required to understand what comes next. For every chapter, the book also includes a list of references to relevant papers, specifications or research projects.

It is true that the book is 5 years old, but believe me, I didn't find a single line that was outdated. Hey, the book even talks about the recent Kaminsky's DNS vulnerability research and it was published 4 years before it became public! Its fair to say that some of the techniques explained in the book are difficult to use in real world situations but still, they will give you an idea of all the threats you are exposed to. Things can sometimes get scary...

Honestly, I highly recommend this book for anyone that enjoys network security from a technical point of view, anyone that has to protect critical systems against skilled attackers, or anyone that is interested on knowing how much can someone know about a computer system just using passive and undetectable techniques. I think this is the most interesting security-related book I've read since Schneier's "Applied Cryptography".
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2 of 2 people found the following review helpful
5.0 out of 5 stars Looks like sci-fi, but this is the reality!, 17 Nov 2006
By 
T. Miklas - See all my reviews
(REAL NAME)   
I bought this book in polish and read it from cover to cover. Michal is not pretending to be one of many 'hackers', he doesn't write about hacking even. What this book explains is about different ways your information may leak out and why this may happen. The book is written in a slightly philosophic way and for sure leaves the reader with many topics to think about. Michal is not trying to build any type of oppinion - what he does by describing his research (yes - he is a researcher, historician, network and software engineer at the same time) is asking questions but all of us have to find our own answers.

It's a real 5 STARS book! Worth the time and money - but don't forget to read the first few chapters to get in the right mood, even if those chapters will seem to be too technical... Believe me, they are not :-)
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars For the geeks, 25 April 2011
By 
M. SMITH - See all my reviews
(REAL NAME)   
I have only skimmed this book but I will definitely be buying my own copy. I think the Amazon product description is a little misleading as this will not help a system administrator understand security issues.

What it definitely will do is lead anyone with an interest in computing and electronics on an detailed tour of how the technology we use can be manipulated from a very low level. I am not a mathematician or an electronics engineer so I found the topics quite complex but they are very well explained.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars very very good, 31 Aug 2007
I can't recommend this book enough. So many of the IT-related books out there are half hearted affairs which do nothing more than paraphrase existing documentation, but SOTW is a different animal.

If you're a sysadmin wanting to secure your network, this isn't the book for you. But if you have a hackerish (and I mean that in the true sense of the word) mentality and love learning, you'll adore this book. I really home we see more books from Zalewski
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars A very interesting read indeed!, 21 Sep 2006
By 
C. S. Le - See all my reviews
(REAL NAME)   
The book is very detailed and clear! The author has a way to suck you into reading more into the topic. As the previous reviewer says "The book is full of amazingly clever attacks, but explained in a way that makes all the concepts completely clear." And I have to agree with him. Overall I give this book 5 stars!
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


Most Helpful First | Newest First

This product

Only search this product's reviews