Attacking Network Protocols

Author: James Forshaw
Publisher: No Starch Press
Pages: 336
ISBN: 978-1593277505
Print: 1593277504
Kindle: B071V4DYVC
Audience: developers interested in security
Rating: 4.5
Reviewer: Kay Ewbank

Despite the rather worrying subtitle of 'a hacker's guide to capture, analysis, and exploitation', this is in fact a useful book.

It works on the principle that you should think like an attacker to find the vulnerabilities in your own systems, so that you can then work out how to fix or protect against each vulnerability.

The author of the book is James Forshaw, a well-known name among those interested in security. He rose to fame as the winner of a $100,000 bounty from Microsoft for finding a major security flaw in Windows 8.1. He has also won various other bounties for finding security flaws in Internet Explorer, and now works for Google as a security researcher in Project Zero. He has also been a winner at Pwn2Own, the computer hacking contest held annually at the CanSecWest security conference.

The book opens with a chapter on the basics of networking to set the scene, then moves on to a chapter on capturing application traffic. As author James Forshaw points out, this can be more challenging than you might imagine. The chapter discusses passive and active capture, and popular tools for each method.

A more technical discussion of network protocol structures comes next, with details of how data is represented in binary and text-based protocols. Forshaw then moves on to advanced application traffic capture, using techniques such as rerouting traffic in software, network address translation, and forwarding traffic through a gateway.

A chapter titled Analysis from the Wire is next. This builds on what was discussed earlier to look at how to analyze captured network protocol traffic from a chat application to understand what protocol is being used so you can assess its security.

Application reverse engineering comes next with a meaty chapter looking at ways that vulnerabilities in an application can be detected by reverse engineering the executable.


A chapter on network protocol security is next, looking at the objectives of secure protocols (data confidentiality and integrity; and protecting server and client from being impersonated). Forshaw looks at how these objectives are usually addressed, and potential weaknesses to look for. Forshaw then moves on to show how to implement a network protocol yourself so you can test it for security purposes. The examples use Forshaw's own testbed chat application so you don't have to do quite as much work yourself.

One of the most interesting (and frightening) chapters from the viewpoint of the casual reader comes next, with a look at the root causes of vulnerabilities. In this case, Forshaw means those that result from the implementation of a protocol as opposed to its specification. The idea is that you're learning patterns in protocols that might identify security vulnerabilities. There are good descriptions of techniques such as memory, storage and CPU exhaustion attacks, format string vulnerabilities, and attacks using command and SQL injection.

If you're reading the book in order to work out how to find and exploit security vulnerabilities for real, the next chapter is where things get interesting. Forshaw shows how to identify security vulnerabilities by manipulating network traffic, and how to use techniques such as fuzz testing and debugging to automate the process of discovering security problems.

The book ends with an appendix giving details of the tools Forshaw has in his 'analysis toolkit' for analysis, investigation, and exploitation.

I began reading this book expecting to be either bored or lost by technicalities. In reality, it's very readable and accessible, with descriptions that are interesting and understandable at the system level even if you're not planning on writing your own ARP poisoner. It's network agnostic with coverage of Windows, Linux and Mac, and the discussion of the tools and how to use them is excellent. This is a book worth reading even if your only interest in network security is as an applications developer.

Last Updated: Saturday, 28 November 2020