Attacking Network Protocols

Author: James Forshaw
Publisher: No Starch Press
Pages: 336
ISBN: 978-1593277505
Print: 1593277504
Kindle: B071V4DYVC
Audience: developers interested in security
Rating: 4.5
Reviewer: Kay Ewbank

Despite the rather worrying subtitle of 'a hacker's guide to capture, analysis, and exploitation', this is in fact a useful book.

It works on the principle that you should think like an attacker to find the vulnerabilities in your systems, so you can then work out how to overcome or protect the vulnerability.

The author of the book is James Forshaw, a well-known name among those interested in security. He rose to fame as the winner of a $100,000 bounty from Microsoft for finding a major security flaw in Windows 8.1. He has also won various other bounties for finding security flaws in Internet Explorer, and now works for Google as a security researcher in Project Zero. He has also been a winner at Pwn2Own, the computer hacking contest held annually at the CanSecWest security conference.

The book opens with a chapter on the basics of networking to set the scene, then moves on to a chapter on capturing application traffic. As author James Forshaw points out, this can be more challenging than you might imagine. The chapter discusses passive and active capture, and popular tools for each method.

A more technical discussion of network protocol structures comes next, with details of how data is represented in binary and text-based protocols. Forshaw then moves on to advanced application traffic capture using techniques such as rerouting traffic in software, network address translation, and forwarding traffic through a gateway.

A chapter titled Analysis from the Wire is next. This builds on what was discussed earlier to look at how to analyze captured network protocol traffic from a chat application to understand what protocol is being used so you can assess its security.

Application reverse engineering comes next with a meaty chapter looking at ways that vulnerabilities in an application can be detected by reverse engineering the executable.

A chapter on network protocol security is next, looking at the objectives of secure protocols (data confidentiality and integrity, and protecting server and client from impersonation). Forshaw looks at how these objectives are usually addressed, and potential weaknesses to look for. He then moves on to show how to implement a network protocol yourself so you can test it for security purposes. The examples use Forshaw's own testbed chat application so you don't have to do quite as much work yourself.

One of the most interesting (and frightening) chapters from the viewpoint of the casual reader comes next, with a look at the root causes of vulnerabilities. In this case, Forshaw means those that result from the implementation of a protocol as opposed to its specification. The idea is that you learn the patterns in protocol implementations that indicate likely security vulnerabilities. There are good descriptions of techniques such as memory, storage and CPU exhaustion attacks, format string vulnerabilities, and attacks using command and SQL injection.

If you're reading the book in order to work out how to find and exploit security vulnerabilities for real, the next chapter is where things get interesting. Forshaw shows how to identify security vulnerabilities by manipulating network traffic, and how to use techniques such as fuzz testing and debugging to automate the process of discovering security problems.

The book ends with an appendix giving details of the tools Forshaw has in his 'analysis toolkit' for analysis, investigation, and exploitation.

I began reading this book expecting to be either bored or lost by technicalities. In reality, it's very readable and accessible, with descriptions that are interesting and understandable at the system level even if you're not planning on writing your own ARP poisoner. It's network agnostic with coverage of Windows, Linux and Mac, and the discussion of the tools and how to use them is excellent. This is a book worth reading even if your only interest in network security is as an applications developer.
Last Updated ( Saturday, 28 November 2020 )