Found in 3 comments on Hacker News
127001brewer · 2015-01-14
· Original
thread
This is also talked about in the book, "Silence on the Wire".
http://www.amazon.com/Silence-Wire-Passive-Reconnaissance-In...
yan · 2014-10-23
· Original
thread
Zalewski was the reason I felt unaccomplished in 2005, when I read his "Silence on the wire" and noted he wasn't much older than I am.
His separate guide on CNC is great[1]. He also has a great intro to electronics[2]. His first book is an amazing survey of totally passive attacks[3]. His second book is a comprehensive survey of web application osecurity[4].
[1] http://lcamtuf.coredump.cx/gcnc/
[2] http://lcamtuf.coredump.cx/electronics/
Another lesser known book by him is also worth a read: "Silence on the Wire" that takes a look at the full information security stack from the keyboard you type on, to the wires the data transits, to the internet protocols, etc [2] and looking at how each stage exposes/protects data.
And has quite an interesting history in infosec beyond that [3].
[1] https://www.amazon.com/Tangled-Web-Securing-Modern-Applicati...
[2] https://www.amazon.com/Silence-Wire-Passive-Reconnaissance-I...
[3] https://en.wikipedia.org/wiki/Micha%C5%82_Zalewski