HOME ARTICLES REVIEWS IT TOOLS NEWS RELEASES ADVERTISING
You are here: IT-Observer » Press Releases RSS | White Papers |   

Groundbreaking Security Book Goes Beyond The Norm To Examine Computer Vulnerabilities

Tuesday, 29 March 2005 17:35 EST



WHAT: It's here: the much anticipated first book by computer security researcher Michal Zalewski, "Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks." Truly unlike anything else out there, this book is a fascinating narrative that explores a variety of unique, uncommon and often quite elegant security challenges that defy classification and eschew the traditional attacker-victim model. Includes introduction by Openwall Project leader Solar Designer.

EARLY REVIEWS: "Zalewski's new work is a demonstration of how seemingly innocuous observations can lead to security vulnerabilities. He works like a detective, piecing together basic facts and evidence, until at last, in a moment of understanding, you find out why your RNG may help disclose your keystrokes or how someone can tell what OS your run by looking at your packets."
--Elias Levy (Aleph1), BUGTRAQ

"Zalewski has taken taken a powerful, low-level approach to information security. He covers many issues not discussed before in so comprehensive a volume, including issues of random memory, the inner workings of computers, electronic emissions and concepts of passive data collection."
--Lance Spitzner, Honeynet Project

"Zalewski is a rare gem of a person, pursuing pure discovery and investigation and artfully combining this with his great intelligence. We're all considerably wiser for hearing his perspective on things."
--Jose Nazario, infosec Daily

WHO CARES?: More narrative than reference work, this book will be riveting reading for security professionals and students as well as technophiles interested in learning about how computer security fits into the big picture and high-level hackers seeking to broaden their understanding of their craft. Mixing elements of computer science, mathematics and electronics, "Silence on the Wire" is provocative and challenging. Rather than approaching computer security as a separate discipline, Zalewski delves into the nuts and bolts of modern-day computing so that readers will ponder network design and their own computing activities from a new perspective. Where other books merely chronicle security exploits, Zalewski provides explanations. He addresses real, significant lapses in computer security that are not well known or, in some cases, aren't even well understood by experts.

AUTHOR INFO: Michal Zalewski is a self-taught information security researcher who has worked on topics ranging from hardware and OS design principles to networking. He has long been known and respected in the hacking and security communities for his intelligence, curiosity and creativity. He's been a prolific bug hunter and a frequent BUGTRAQ poster since the mid '90s, has authored popular security utilities and has published a number of acclaimed security research papers.

OTHER RESOURCES: Download a sample chapter and see the table of contents and book cover at http://www.nostarch.com/download/silence_ch05.pdf

BOOK INFO: SILENCE ON THE WIRE: A Field Guide to Passive Reconnaissance and Indirect Attacks, Michal Zalewski, ISBN 159327-0461, April 2005, US $39.95 ($55.95 Cdn) Available at fine bookstores everywhere, from www.oreilly.com/nostarch, or directly from No Starch Press (www.nostarch.com, , ) No Starch Press titles are distributed throughout the U.S. by O'Reilly Media, Inc.

ABOUT NO STARCH PRESS: Since 1994, No Starch Press has published unique books on technology, with a focus on Open Source, security, hacking, programming, gaming and alternative operating systems. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. More information available at www.nostarch.com.
GFI LANguard N.S.S. NEW v8 out now!
Complete network vulnerability management, providing powerful vulnerability scanning, patch management and auditing solution. DOWNLOAD A 30-DAY TRIAL TODAY!

Visit GFI Security Software page for more information.

 

FREE IP PBX: 3CX VOIP Phone System for Windows. No timeouts or limitations

 

Latest News

5 laptop security tips
20.07.07  Laptop theft is a huge problem.

Essential Bluetooth hacking tools
25.05.07  Bluetooth provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires.

DEP for IE7 in Vista
22.05.07  Security tips blog, security-hacks, has posted details on how to enable DEP for Internet Explorer 7 in Vista.

SMB over SSH: Secure File Sharing
18.05.07  Security tips blog, security-hacks, has published an simple guide to share files securely in heterogeneous networks.

Avoid data leaks by clearing the page file
14.05.07  Security-Hacks publishes a useful tip to avoid potential data leaks when you run out of memory.

How to set Master Password in Firefox
11.05.07  Nowadays many web sites require you to type a user name and password before you can enter the site.

How to test your firewall?
10.05.07  Security tips blog, Security-Hacks, has published a compilation of tools to test your firewall: "We’ve compiled a list of tools we believe will be of value to both home users and advance users.
Copyright © IT-Observer Online Publication 2000 - 2007 Top | RSS Feeds | About Us   
Site Meter