An attack is a cyber-attack on system security that results from an intelligent threat. That is, an intelligent act committed with the intent of evading security services and violating a system's security policy.
A passive attack is one that does not affect any system while obtaining information. A passive network attack is one in which a system is monitored and occasionally scanned for open ports and vulnerabilities. The goal of a passive attack is to gather information about the system being targeted; no direct action is taken against the target.
Types of passive attacks:
Passive attacks can take various forms, including the following:
Traffic analysis: Traffic analysis is the process of looking at the network traffic going to and from the target systems. These kinds of attacks use statistical methods to look at the patterns of communication over the network and figure out what they mean. These attacks can happen even when network traffic is encrypted, but they happen more often when network traffic is not encrypted.
Eavesdropping: Eavesdropping is when an attacker gets sensitive information by listening to phone calls or reading unencrypted messages sent over a communication medium. Even though eavesdropping is similar to snooping, snooping is only about getting information while it is being sent.
Foot printing: Foot printing is the process of finding out as much as possible about the network, hardware, software, and employees of the target company. Footprinting gets information about the target, like its IP address, employee ID, and information from the domain name system. The first step in getting information for a penetration test is also to look at the footprints.
Spying: An intruder could pretend to be a legitimate user of a network and spy on it without talking to anyone. With that access, an intruder could watch the network traffic by setting the network adapter to promiscuous mode to catch all unencrypted data traffic on a network.
War driving: War driving scans nearby Wi-Fi networks with a portable antenna to find ones that are vulnerable to attack. Most of the time, this kind of passive attack is done from a moving vehicle. Hackers will sometimes use a GPS to find places on a map that are weak. Wardriving can be done just to steal an internet connection, or it can be a practice for an attack that will happen later. In this type of attack, intruders go through trash cans looking for information on old devices or even passwords. The hackers can then use this information to sneak into a system or network.
The active attack has the potential to cause major damage to an individual's or organization's resources because it attempts to alter system resources or affect how they work. An Active attack attempts to alter system resources or affect their operations. Active attacks involve some modification of the data stream or the creation of false statements.
Types of Active Attacks:
Denial-of-Service (DOS): The goal of a Denial-of-Service (DOS) attack is to shut down a machine or network so that its users can't use it. DOS attacks do this by sending too much traffic to the target or information that makes it crash.
Masquerade: When one thing pretends to be something else, this is called a "masquerade attack." One of the other types of active attacks is used in a Masquerade attack. If an approval process isn't completely safe, it can be very vulnerable to a masquerade attack.
Messages Modification: It means that part of a message is changed or that the message is delayed or put in a different order to get an unintended result. Changes are an attack on the original data's reliability. It basically means that people who aren't supposed to have access to data can get to it and change it by doing things like changing the data packets that are sent or flooding the network with fake data. Authentication is broken when someone changes something. For example, a message that says "Allow JOHN to read confidential file X" is changed to "Allow Smith to read confidential file X."
Repudiation: This attack happens when the network is not fully protected or when the login control has been changed. With this attack, a malicious user can change the information about the author in order to save false data in log files or even to change data on behalf of others, which is similar to spoofing an email.
Replay: It involves catching a message without doing anything to it and then sending it to make an authorised effect. In this attack, the main goal of the attacker is to save a copy of the data that was originally on that network so that they can use it for their own purposes later. Once the data has been tampered with or leaked, it is no longer safe for users.
A cyber-attack is any type of offensive action that tries to steal, change, or destroy data or information systems by going after computer information systems, infrastructures, computer networks, or personal computer devices.