What is an active attack?
An active attack is a security attack in which the attacker directly communicates with the target system or network. In this attack, an attacker attempts to modify or disrupt the system or network’s functioning by injecting malicious traffic or executing unauthorized commands. It can be dangerous to the integrity and availability of a system or network. It can compromise the data integrity and reduce the availability of system resources, leading to significant damage and financial loss for the targeted organization.
Types of active attacks:
Active attacks can take many forms, including:
- Distributed Denial of Service (DDoS) attack: In this attack, the attacker uses a network of compromised devices known as a botnet to flood a target system or network with excessive traffic causing it to crash or become unavailable.
- Masquerade attack: In this attack, the attacker pretends to be a legitimate user or system to gain unauthorized access to confidential information or perform malicious actions.
- Session hijacking: In this attack, the attacker takes over a user’s session by stealing their session ID, which can be used to impersonate the user and perform actions on their behalf.
- Replay attack: In this attack, the attacker intercepts and records data packets transmitted between two parties and later replays them to gain unauthorized access to a system or network.
What is a passive attack?
A passive attack is also a type of security attack in which an attacker is in indirect contact with the target system or network and monitors the communication between the target system. In this attack, an attacker monitors, intercepts, or eavesdrops on data transmissions without altering or affecting them. The main objective of a passive attack is to gain unauthorized access to sensitive or confidential data or information without being detected. They are often difficult to discover as they do not disrupt system operations or modify data.
Types of passive attacks:
Passive attacks can take many forms, including:
- Release of message contents: In this attack, the attacker can intercept and view the content of a message being transmitted over a network and use this information for malicious purposes.
- Traffic analysis: In this attack, the attacker can monitor the traffic between two or more communication nodes to obtain information about the communication patterns and behavior of the system.
- Network mapping: In this attack, the attacker creates a network map by monitoring the network traffic and identifying the communication patterns between different devices on the network.
- Sniffing: In this attack, the attacker captures and analyzes network traffic to intercept sensitive data such as login details, credit card numbers, or other confidential information.
