Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks

Author: Michal Zalewski

Comments

by dmix   2018-03-24
If you don't know who this is, he wrote one of my favourite books on web (browser) security: "The Tangled Web" [1].

Another lesser known book by him is also worth a read: "Silence on the Wire" that takes a look at the full information security stack from the keyboard you type on, to the wires the data transits, to the internet protocols, etc [2] and looking at how each stage exposes/protects data.

And has quite an interesting history in infosec beyond that [3].

[1] https://www.amazon.com/Tangled-Web-Securing-Modern-Applicati...

[2] https://www.amazon.com/Silence-Wire-Passive-Reconnaissance-I...

[3] https://en.wikipedia.org/wiki/Micha%C5%82_Zalewski

by mpeg   2017-08-19
Guessing OS is pretty simple though, I recommend the book "Silence on the wire" [0] for a thorough explanation of passive network fingerprinting.

TL;DR is that each TCP stack has unique characteristics that are hard to spoof (you'd have to bypass the OS TCP stack and build your own that mimics another) and definitely out of reach for tools that run in sandboxed environments (like browser extensions)

edit: Also, the author of that book, Michal Zalewski, made the open source tool p0f [1] that implements some of those techniques to identify spoofed user agents.

  [0]: https://www.amazon.com/gp/product/1593270461
  [1]: http://lcamtuf.coredump.cx/p0f3/
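
The following is an added example, not part of the comment above and not code from p0f: a minimal passive check that reads the initial TTL and TCP option order from a SYN packet and flags a User-Agent that names a different OS. The signature table, function names and sample packets are constructed for illustration and are assumptions, far smaller than a real fingerprint database.

```python
import struct

# Illustrative signatures (assumption, not p0f's database): initial TTL and
# SYN option order typical of each stack family.
SIGNATURES = {
    (64, ("mss", "sok", "ts", "nop", "ws")): "Linux",
    (128, ("mss", "nop", "ws", "nop", "nop", "sok")): "Windows",
}
OPT_NAMES = {2: "mss", 3: "ws", 4: "sok", 8: "ts"}

def option_layout(opts: bytes) -> tuple:
    """Return the order of TCP options, ignoring their values."""
    layout, i = [], 0
    while i < len(opts) and opts[i] != 0:   # kind 0 ends the option list
        if opts[i] == 1:                     # NOP is one byte with no length
            layout.append("nop")
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed TCP option")
        layout.append(OPT_NAMES.get(opts[i], f"opt{opts[i]}"))
        i += opts[i + 1]
    return tuple(layout)

def guess_os(packet: bytes) -> str:
    """Guess the sender's OS family from a raw IPv4 + TCP SYN packet."""
    ihl = (packet[0] & 0x0F) * 4
    tcp = packet[ihl:]
    data_off = (tcp[12] >> 4) * 4
    # Each hop decrements TTL, so round up to the nearest common initial value.
    ittl = next(v for v in (64, 128, 255) if packet[8] <= v)
    return SIGNATURES.get((ittl, option_layout(tcp[20:data_off])), "unknown")

def ua_mismatch(packet: bytes, user_agent: str) -> bool:
    """True when the TCP-level guess contradicts the OS named in the User-Agent."""
    guess = guess_os(packet)
    return guess != "unknown" and guess.lower() not in user_agent.lower()

def build_syn(ttl: int, opts: bytes) -> bytes:
    """Constructed sample SYN (checksums zero; only the parsed fields matter)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(opts), 0, 0x4000, ttl, 6,
                     0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, (5 + len(opts) // 4) << 4,
                      0x02, 64240, 0, 0)
    return ip + tcp + opts

# Constructed option blocks (lengths are multiples of 4, so no padding needed).
LINUX_OPTS = bytes.fromhex("020405b4" "0402" "080a0000000100000000" "01" "030307")
WINDOWS_OPTS = bytes.fromhex("020405b4" "01" "030308" "01" "01" "0402")
```

A browser extension can rewrite the User-Agent header, but the SYN is emitted by the kernel, which is why the two can disagree.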