Michał Zalewski

From Wikipedia, the free encyclopedia

Michal Zalewski (born 19 January 1981) is a "white hat" hacker and computer security expert from Poland. He's been a frequent Bugtraq poster since mid-1990's and has authored a number of programs for Unix-like operating systems. During his years in the United States, he's been a researcher with BindView Corporation (a computer security firm). Zalewski recently authored his first book, Silence on the Wire.

Besides computer security, Michal's interests include artificial intelligence, applied mathematics, physics, chemistry, electronics, and photography.

[edit] Reported Bugs

Notable vulnerabilities credited to Michal Zalewski:

CA-2003-25 Buffer Overflow in Sendmail. CERT Advisories. Retrieved on August 22, 2005.
CA-2003-12 Buffer Overflow in Sendmail. CERT Advisories. Retrieved on August 22, 2005.
CA-2001-09 Statistical Weaknesses in TCP/IP Initial Sequence Numbers. CERT Advisories. Retrieved on August 22, 2005.
VU#945216 SSH CRC32 (...) Contains Remote Integer Overflow. CERT Advisories. Retrieved on August 22, 2005. This vulnerability made an appearance on The Matrix Reloaded.
VU#965206 Microsoft Internet Explorer (...) vulnerable to buffer overflow. CERT Advisories. Retrieved on August 22, 2005.
VU#984473 Microsoft Internet Explorer contains overflow in processing script action handlers. CERT Advisories. Retrieved on August 22, 2005.

[edit] Silence on the Wire

Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks is the title of a book by Michal Zalewski, published by No Starch Press in April, 2005. The following is a description of the book from publisher's web site.

Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems.