FOREWORD by Solar Designer

INTRODUCTION
  A Few Words about Me
  About This Book

PART I: THE SOURCE
On the problems that surface long before one sends any information over the network

CHAPTER 1: I CAN HEAR YOU TYPING
Where we investigate how your keystrokes can be monitored from far, far away
  The Need for Randomness
  Automated Random Number Generation
  The Security of Random Number Generators
  I/O Entropy: This Is Your Mouse Speaking
  Delivering Interrupts: A Practical Example
  One-Way Shortcut Functions
  The Importance of Being Pedantic
  Entropy Is a Terrible Thing to Waste
  Attack: The Implications of a Sudden Paradigm Shift
  A Closer Look at Input Timing Patterns
  Immediate Defense Tactics
  Hardware RNG: A Better Solution?
  Food for Thought
  Remote Timing Attacks
  Exploiting System Diagnostics
  Reproducible Unpredictability

CHAPTER 2: EXTRA EFFORTS NEVER GO UNNOTICED
Where we learn how to build a wooden computer and how to obtain information from watching a real computer run
  Boole's Heritage
  Toward the Universal Operator
  DeMorgan at Work
  Convenience Is a Necessity
  Embracing the Complexity
  Toward the Material World
  A Nonelectric Computer
  A Marginally More Popular Computer Design
  Logic Gates
  From Logic Operators to Calculations
  From Electronic Egg Timer to Computer
  Turing and Instruction Set Complexity
  Functionality, at Last
  Holy Grail: The Programmable Computer
  Advancement through Simplicity
  Split the Task
  Execution Stages
  The Lesser Memory
  Do More at Once: Pipelining
  The Big Problem with Pipelines
  Implications: Subtle Differences
  Using Timing Patterns to Reconstruct Data
  Bit by Bit...
  In Practice
  Early-Out Optimization
  Working Code-Do It Yourself
  Prevention
  Food for Thought

CHAPTER 3: TEN HEADS OF THE HYDRA
Where we explore several other tempting scenarios that occur very early on in the process of communications
  Revealing Emissions: TEMPEST in the TV
  Privacy, Limited
  Tracking the Source: "He Did It!"
  "Oops" Exposure: *_~1q'@@... and the Password Is...

CHAPTER 4: WORKING FOR THE COMMON GOOD
Where a question of how the computer may determine the intent of its user is raised and left unanswered

PART II: SAFE HARBOR
On the threats that lurk in between the computer and the Internet

CHAPTER 5: BLINKENLIGHTS
Where we conclude that pretty can also be deadly, and we learn to read from LEDs
  The Art of Transmitting Data
  From Your Email to Loud Noises... Back and Forth
  The Day Today
  Sometimes, a Modem Is Just a Modem
  Collisions Under Control
  Behind the Scenes: Wiring Soup and How We Dealt with It
  Blinkenlights in Communications
  The Implications of Aesthetics
  Building Your Own Spy Gear...
  ...And Using It with a Computer
  Preventing Blinkenlights Data Disclosure-and Why It Will Fail
  Food for Thought

CHAPTER 6: ECHOES OF THE PAST
Where, on the example of a curious Ethernet flaw, we learn that it is good to speak precisely
  Building the Tower of Babel
  The OSI Model
  The Missing Sentence
  Food for Thought

CHAPTER 7: SECURE IN SWITCHED NETWORKS
Or, why Ethernet LANs cannot be quite fixed, no matter how hard we try
  Some Theory
  Address Resolution and Switching
  Virtual Networks and Traffic Management
  Attacking the Architecture
  CAM and Traffic Interception
  Other Attack Scenarios: DTP, STP, Trunks
  Prevention of Attacks
  Food for Thought

CHAPTER 8: US VERSUS THEM
What else can happen in the local perimeter of "our" network? Quite a bit!
  Logical Blinkenlights and Their Unusual Application
  Show Me Your Typing, and I Will Tell You Who You Are
  The Unexpected Bits: Personal Data All Around
  Wi-Fi Vulnerabilities

PART III: OUT IN THE WILD
Once you are on the Internet, it gets dirty

CHAPTER 9: FOREIGN ACCENT
Passive fingerprinting: subtle differences in how we behave can help others tell, who we are
  The Language of the Internet
  Naive Routing
  Routing in the Real World
  The Address Space
  Fingerprints on the Envelope
  Internet Protocol
  Protocol Version
  The Header Length Field
  The Type of Service Field (Eight Bits)
  The Total Packet Length (16 Bits)
  The Source Address
  The Destination Address
  The Fourth Layer Protocol Identifier
  Time to Live (TTL)
  Flags and Offset Parameters
  Identification Number
  Checksum
  Beyond Internet Protocol
  User Datagram Protocol
  Introduction to Port Addressing
  UDP Header Summary
  Transmission Control Protocol Packets
  Control Flags: The TCP Handshake
  Other TCP Header Parameters
  TCP Options
  Internet Control Message Protocol Packets
  Enter Passive Fingerprinting
  Examining IP Packets: The Early Days
  Initial Time to Live (IP Layer)
  The Don't Fragment Flag (IP Layer)
  The IP ID Number (IP Layer)
  Type of Service (IP Layer)
  Nonzero Unused and Must Be Zero Fields (IP and TCP Layers)
  Source Port (TCP Layer)
  Window Size (TCP Layer)
  Urgent Pointer and Acknowledgment Number Values (TCP Layer)
  Options Order and Settings (TCP Layer)
  Window Scale (TCP Layer, Option)
  Maximum Segment Size (TCP Layer, Option)
  Time-Stamp Data (TCP Layer, Option)
  Other Passive Fingerprinting Venues
  Passive Fingerprinting in Practice
  Exploring Passive-Fingerprinting Applications
  Collecting Statistical Data and Incident Logging
  Content Optimization
  Policy Enforcement
  Poor Man's Security
  Security Testing and Preattack Assessment
  Customer Profiling and Privacy Invasion
  Espionage and Covert Reconnaissance
  Prevention of Fingerprinting
  Food for Thought: The Fatal Flaw of IP Fragmentation
  Breaking TCP into Fragments

CHAPTER 10: ADVANCED SHEEP-COUNTING STRATEGIES
Where we dissect the ancient art of determining network architecture and computer's whereabouts
  Benefits and Liabilities of Traditional Passive Fingerprinting
  A Brief History of Sequence Numbers
  Getting More Out of Sequence Numbers
  Delayed Coordinates: Taking Pictures of Time Sequences
  Pretty Pictures: TCP/IP Stack Gallery
  Attacking with Attractors
  Back to System Fingerprinting
  ISNProber-Theory in Action
  Preventing Passive Analysis
  Food for Thought

CHAPTER 11: IN RECOGNITION OF ANOMALIES
Or what can be learned from subtle imperfections of network traffic
  Packet Firewall Basics
  Stateless Filtering and Fragmentation
  Stateless Filtering and Out-of-Sync Traffic
  Stateful Packet Filters
  Packet Rewriting and NAT
  Lost in Translation
  The Consequences of Masquerading
  Segment Size Roulette
  Stateful Tracking and Unexpected Responses
  Reliability or Performance: The DF Bit Controversy
  Path MTU Discovery Failure Scenarios
  The Fight against PMTUD, and Its Fallout
  Food for Thought

CHAPTER 12: STACK DATA LEAKS
Where you will find a yet another short story on where to find what we did not intend to send out at all
  Kristjan's Server
  Surprising Findings
  Revelation: Phenomenon Reproduced
  Food for Thought

CHAPTER 13: SMOKE AND MIRRORS
Or how to disappear with grace
  Abusing IP: Advanced Port Scanning
  Tree in the Forest: Hiding Yourself
  Idle Scanning
  Defense against Idle Scanning
  Food for Thought

CHAPTER 14: CLIENT IDENTIFICATION: PAPERS, PLEASE!
Seeing through a thin disguise may come in handy on many occasions
  Approaching the Problem
  Towards a Solution
  A (Very) Brief History of the Web
  A HyperText Transfer Protocol Primer
  Making HTTP Better
  Latency Reduction: A Nasty Kludge
  Content Caching
  Managing Sessions: Cookies
  When Cookies and Caches Mix
  Preventing the Cache Cookie Attack
  Uncovering Treasons
  A Trivial Case of Behavioral Analysis
  Giving Pretty Pictures Meaning
  Beyond the Engine...
  ...And Beyond Identification
  Prevention
  Food for Thought

CHAPTER 15: THE BENEFITS OF BEING A VICTIM
In which we conclude that approaching life with due optimism may help us track down the attacker
  Defining Attacker Metrics
  Protecting Yourself: Observing Observations
  Food for Thought

PART IV: THE BIG PICTURE
Our legal department advised us not to say "the network is the computer" here

CHAPTER 16: PARASITIC COMPUTING, OR HOW PENNIES ADD UP
Where the old truth that having an army of minions is better than doing the job yourself is once again confirmed
  Nibbling at the CPU
  Practical Considerations
  Parasitic Storage: The Early Days
  Making Parasitic Storage Feasible
  Applications, Social Considerations, and Defense
  Food for Thought

CHAPTER 17: TOPOLOGY OF THE NETWORK
On how the knowledge of the world around us may help track down rogue attackers
  Capturing the Moment
  Using Topology Data for Origin Identification
  Network Triangulation with Mesh-Type Topology Data
  Network Stress Analysis
  Food for Thought

CHAPTER 18: WATCHING THE VOID
When looking down the abyss, what does not kill us makes us stronger
  Direct Observation Tactics
  Attack Fallout Traffic Analysis
  Detecting Malformed or Misdirected Data
  Food for Thought

CLOSING WORDS
Where the book is about to conclude

BIBLIOGRAPHIC NOTES

INDEX
Copyright 2008 by No Starch Press