Log In
Or create an account -> 
Imperial Library
  • Home
  • About
  • News
  • Upload
  • Forum
  • Help
  • Login/SignUp

Index
Silence on the Wire Foreword Introduction
A Few Words about Me About This Book
I. The Source
1. I Can Hear You Typing
The Need for Randomness
Automated Random Number Generation
The Security of Random Number Generators I/O Entropy: This Is Your Mouse Speaking
Delivering Interrupts: A Practical Example One-Way Shortcut Functions The Importance of Being Pedantic
Entropy Is a Terrible Thing to Waste Attack: The Implications of a Sudden Paradigm Shift
A Closer Look at Input Timing Patterns Immediate Defense Tactics Hardware RNG: A Better Solution?
Food for Thought
Remote Timing Attacks Exploiting System Diagnostics Reproducible Unpredictability
2. Extra Efforts Never Go Unnoticed
Boole’s Heritage Toward the Universal Operator
DeMorgan at Work Convenience Is a Necessity Embracing the Complexity
Toward the Material World A Nonelectric Computer A Marginally More Popular Computer Design
Logic Gates
From Logic Operators to Calculations From Electronic Egg Timer to Computer Turing and Instruction Set Complexity
Functionality, at Last Holy Grail: The Programmable Computer Advancement through Simplicity Split the Task Execution Stages The Lesser Memory Do More at Once: Pipelining The Big Problem with Pipelines
Implications: Subtle Differences
Using Timing Patterns to Reconstruct Data Bit by Bit . . .
In Practice
Early-Out Optimization Working Code—Do It Yourself
Prevention Food for Thought
3. Ten Heads of the Hydra
Revealing Emissions: TEMPEST in the TV Privacy, Limited
Tracking the Source: “He Did It!” “Oops” Exposure: *_~1q'@@ . . . and the Password Is . . .
4. Working for the Common Good
II. Safe Harbor
5. Blinkenlights
The Art of Transmitting Data
From Your Email to Loud Noises . . . Back and Forth The Day Today Sometimes, a Modem Is Just a Modem Collisions Under Control Behind the Scenes: Wiring Soup and How We Dealt with It Blinkenlights in Communications
The Implications of Aesthetics Building Your Own Spy Gear . . . . . . And Using It with a Computer Preventing Blinkenlights Data Disclosure—and Why It Will Fail Food for Thought
6. Echoes of the Past
Building the Tower of Babel
The OSI Model
The Missing Sentence Food for Thought
7. Secure in Switched Networks
Some Theory
Address Resolution and Switching Virtual Networks and Traffic Management
Attacking the Architecture
CAM and Traffic Interception Other Attack Scenarios: DTP, STP, Trunks
Prevention of Attacks Food for Thought
8. Us versus Them
Logical Blinkenlights and Their Unusual Application
Show Me Your Typing, and I Will Tell You Who You Are
The Unexpected Bits: Personal Data All Around Wi-Fi Vulnerabilities
III. Out in the Wild
9. Foreign Accent
The Language of the Internet
Naive Routing Routing in the Real World The Address Space Fingerprints on the Envelope
Internet Protocol
Protocol Version The Header Length Field The Type of Service Field (Eight Bits) The Total Packet Length (16 Bits) The Source Address The Destination Address The Fourth Layer Protocol Identifier Time to Live (TTL) Flags and Offset Parameters Identification Number Checksum
Beyond Internet Protocol User Datagram Protocol
Introduction to Port Addressing UDP Header Summary
Transmission Control Protocol Packets
Control Flags: The TCP Handshake Other TCP Header Parameters TCP Options
Internet Control Message Protocol Packets Enter Passive Fingerprinting
Examining IP Packets: The Early Days Initial Time to Live (IP Layer) The Don’t Fragment Flag (IP Layer) The IP ID Number (IP Layer) Type of Service (IP Layer) Nonzero Unused and Must Be Zero Fields (IP and TCP Layers) Source Port (TCP Layer) Window Size (TCP Layer) Urgent Pointer and Acknowledgment Number Values (TCP Layer) Options Order and Settings (TCP Layer) Window Scale (TCP Layer, Option) Maximum Segment Size (TCP Layer, Option) Time-Stamp Data (TCP Layer, Option) Other Passive Fingerprinting Venues
Passive Fingerprinting in Practice Exploring Passive-Fingerprinting Applications
Collecting Statistical Data and Incident Logging Content Optimization Policy Enforcement Poor Man’s Security Security Testing and Preattack Assessment Customer Profiling and Privacy Invasion Espionage and Covert Reconnaissance
Prevention of Fingerprinting Food for Thought: The Fatal Flaw of IP Fragmentation
Breaking TCP into Fragments
10. Advanced Sheep-Counting Strategies
Benefits and Liabilities of Traditional Passive Fingerprinting A Brief History of Sequence Numbers Getting More Out of Sequence Numbers Delayed Coordinates: Taking Pictures of Time Sequences Pretty Pictures: TCP/IP Stack Gallery Attacking with Attractors Back to System Fingerprinting
ISNProber—Theory in Action
Preventing Passive Analysis Food for Thought
11. In Recognition of Anomalies
Packet Firewall Basics
Stateless Filtering and Fragmentation Stateless Filtering and Out-of-Sync Traffic Stateful Packet Filters Packet Rewriting and NAT Lost in Translation
The Consequences of Masquerading Segment Size Roulette Stateful Tracking and Unexpected Responses Reliability or Performance: The DF Bit Controversy
Path MTU Discovery Failure Scenarios The Fight against PMTUD, and Its Fallout
Food for Thought
12. Stack Data Leaks
Kristjan’s Server Surprising Findings Revelation: Phenomenon Reproduced Food for Thought
13. Smoke and Mirrors
Abusing IP: Advanced Port Scanning
Tree in the Forest: Hiding Yourself Idle Scanning
Defense against Idle Scanning Food for Thought
14. Client Identification: Papers, Please!
Camouflage
Approaching the Problem Towards a Solution
A (Very) Brief History of the Web A HyperText Transfer Protocol Primer Making HTTP Better
Latency Reduction: A Nasty Kludge Content Caching Managing Sessions: Cookies When Cookies and Caches Mix Preventing the Cache Cookie Attack
Uncovering Treasons
A Trivial Case of Behavioral Analysis Giving Pretty Pictures Meaning Beyond the Engine . . . . . . And Beyond Identification
Prevention Food for Thought
15. The Benefits of Being a Victim
Defining Attacker Metrics Protecting Yourself: Observing Observations Food for Thought
IV. The Big Picture
16. Parasitic Computing, or How Pennies Add Up
Nibbling at the CPU Practical Considerations Parasitic Storage: The Early Days Making Parasitic Storage Feasible Applications, Social Considerations, and Defense Food for Thought
17. Topology of the Network
Capturing the Moment Using Topology Data for Origin Identification Network Triangulation with Mesh-Type Topology Data Network Stress Analysis Food for Thought
18. Watching the Void
Direct Observation Tactics Attack Fallout Traffic Analysis Detecting Malformed or Misdirected Data Food for Thought
A. Closing Words B. Bibliographic Notes
Chapter 1 Chapter 2 Chapter 3 Chapter 5 Chapter 6 Chapter 7 Chapter 8 Chapter 9 Chapter 10 Chapter 11 Chapter 13 Chapter 14 Chapter 15 Chapter 16 Chapter 17 Chapter 18
Index Updates
  • ← Prev
  • Back
  • Next →
  • ← Prev
  • Back
  • Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion