Attacking Network Protocols

Author: James Forshaw
Publisher: No Starch Press
Pages: 336
ISBN: 978-1593277505
Print: 1593277504
Kindle: B071V4DYVC
Audience: developers interested in security
Rating: 4.5
Reviewer: Kay Ewbank

Despite the rather worrying subtitle of 'a hacker's guide to capture, analysis, and exploitation', this is in fact a useful book.

It works on the principle that you should think like an attacker to find the vulnerabilities in your systems, so that you can then work out how to fix them or protect against them.

The author of the book is James Forshaw, a well-known name among those interested in security. He rose to fame as the winner of a $100,000 bounty from Microsoft for finding a major security flaw in Windows 8.1. He has also won various other bounties for finding security flaws in Internet Explorer, and now works for Google as a security researcher in Project Zero. He has also been a winner at Pwn2Own, the computer hacking contest held annually at the CanSecWest security conference.

The book opens with a chapter on the basics of networking to set the scene, then moves on to a chapter on capturing application traffic. As author James Forshaw points out, this can be more challenging than you might imagine. The chapter discusses passive and active capture, and popular tools for each method.

A more technical discussion of network protocol structures comes next, with details of how protocol data is represented in both binary and text-based protocols. Forshaw then moves on to advanced application traffic capture, covering techniques such as rerouting traffic in software, network address translation, and forwarding traffic to a gateway.

A chapter titled Analysis from the Wire is next. This builds on what was discussed earlier to look at how to analyze captured network protocol traffic from a chat application to understand what protocol is being used so you can assess its security.

Application reverse engineering comes next with a meaty chapter looking at ways that vulnerabilities in an application can be detected by reverse engineering the executable.

A chapter on network protocol security is next, looking at the objectives of secure protocols: data confidentiality and integrity, and protecting both server and client from being impersonated. Forshaw looks at how these objectives are usually addressed and the potential weaknesses to look for, then shows how to implement a network protocol yourself so you can test it for security purposes. The examples use Forshaw's own testbed chat application, so you don't have to do quite as much work yourself.

One of the most interesting (and frightening) chapters from the viewpoint of the casual reader comes next, with a look at the root causes of vulnerabilities. In this case, Forshaw means those that result from the implementation of a protocol as opposed to its specification. The idea is that you learn the patterns in protocol implementations that tend to indicate security vulnerabilities. There are good descriptions of techniques such as memory, storage and CPU exhaustion attacks, format string vulnerabilities, and attacks using command and SQL injection.

If you're reading the book in order to work out how to find and exploit security vulnerabilities for real, the next chapter is where things get interesting. Forshaw shows how to identify security vulnerabilities by manipulating network traffic, and how to use techniques such as fuzz testing and debugging to automate the process of discovering security problems.

The book ends with an appendix detailing the tools in Forshaw's 'analysis toolkit' for analysis, investigation, and exploitation.

I began reading this book expecting to be either bored or lost in technicalities. In reality, it's very readable and accessible, with descriptions that are interesting and understandable at the system level even if you're not planning on writing your own ARP poisoner. It's platform agnostic, with coverage of Windows, Linux and Mac, and the discussion of the tools and how to use them is excellent. This is a book worth reading even if your only interest in network security is as an applications developer.

Last Updated: Saturday, 23 June 2018