WHAT IS PASSIVE & ACTIVE ATTACK
About Attacks
When you take a look into the mind of a hacker, you may realize that there are two types of hackers that you are bound to encounter – the passive and the active one. Knowing the types of attacks that they do will allow you to prepare yourself to defend the system that you are trying to protect by installing the right security protocol.
What is a Passive Attack
A passive attack is an attack wherein the hacker waits for the perfect opportunity to penetrate your system. This type of attack is typically done in order for a hacker to observe your networking structure, the type of software you use, or any security measures that you have already installed.passive attacks typically happen when a hacker monitors possible system vulnerabilities without making any changes to the data that he targets. You can think of this attack as a hacker’s means of researching his target in order to launch a more effective attack.
Passive attacks are classified into:
1. Active reconnaissanceThis happens when an intruder listens right into a targeted system by engaging the target to find out where weak points are. This is typically done through port scanning, which is an effective tactic to find out where the vulnerable ports are located and what type of data they normally host. After discovering the vulnerability, a hacker may engage this weak point and exploit the services that are associated with them.
2. Passive reconnaissance
his happens when a hacker chooses to study the targeted system without actively engaging it, without the intention of directly engaging the target. Passive reconnaissance tactics include wardriving (discovery of unprotected wireless network), dumpster diving (finding data on discarded devices or documents), or masquerading (pretending to be a network user with authorization).
These two tactics can be essential tools when it comes to discovering vulnerabilities in your computer system to enable you to prevent any further attacks. Once you are able to use reconnaissance tactics, you can easily map out where the weak points of your computer system really are.
Once you are able to identify vulnerable points through the use of test reconnaissance attacks, you will realize that the simplest and best way to protect your computer system from snooping is to install an IPS (intrusion prevention system), which will serve as your safeguard from port scans and your automated method of shutting down any attempts of a port scan before an intruder gets a complete map of your network. At the same time, you can also install a good firewall that will control the visibility of your network’s ports.
What is an Active Attack
An active attack is a direct exploit on a targeted network, in which a hacker aims to create data changes or create data that will attach itself to the target to make further exploits.Active attacks are typically classified into the following:
1. Masquerade attackIn this attack, a hacker pretends to be a legitimate user of the network in order to gain deeper access or better authorization. A hacker typically does this by using hacked user IDs and passwords, bypassing an authentication system, or exploiting discovered security flaws
Once a hacker becomes successful in infiltrating the system with the identity that he pretends to have, they can easily make changes or delete any software or file, and even kick out authorized users on a network. They can also make modifications to the network and router settings, which may allow them to gain access to the.
2. Session replay
In this attack, a hacker makes use of a stolen session ID in order to create an automatic authentication the next time the target accesses a particular website. This attack exploits the web's nature of storing forms, cookies, and URLs on a browser. Once the hacker gets the data used by a particular session ID on a targeted website, he can then proceed to a session replay attack, which allows him to do everything that the legitimate user of the ID can do.
Since session replay attacks do not happen in real-time, this attack is typically discovered once the legitimate user finds discrepancies on his account. Most of the time, victims of a session replay attack only discover that their accounts have been compromised when identity theft already occurred.
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS)
A DoS attack is defined as the denial of access or service to a legitimate user – you can see that all services that are running on your computer are slowing down or quit suddenly as you use them. DDoS attack, on the other hand, involves a larger number of systems that have been previously compromised by a hacker to attack a particular target
While DoS and DDoS attacks are not used to destroy a target’s security system or to steal data, it can be used to generate profit loss or to render a computer system entirely useless while it is being used. Usually, these attacks are made to create a temporary loss in connectivity on a network and deny all related services. In certain occasions, these attacks can also work to destroy certain files and programs on a targeted computer
A DoS or a DDoS attack is very similar to having a slow internet connection and a slow computer at the same time. During such an attack, you may feel that your network’s performance is unusually slow and you cannot access any website. At the same time, it is also relatively easy to find out if you are being targeted for an attack – you may see that you are receiving too much spam or other signs of unusual traffic.
Now that you have an idea on the types of attacks that a hacker may launch, it’s time for you to learn how a hacker can launch them and prepare yourself to do countermeasures
Give Same Suggestion