what are the Active and passive attacks in a networks ?

[Tufan]

I am a computer science students.After studying a bit in digital mapping, I want to shifting my focus to networking . I know that the network is not safe and wanted to know all about the types of attacks in a system . I know a bit of it that usually the packets that is being travelled throughout a network has a lot of threats from internal and external attackers. Please help me if anyone has some sort of idea on it.

[addie]

A packet which is transitioned through lots of networks and router in it. It has a lot of external and internal threats involved. Ideally there are two types of threats one is active when the attackers intention is to directly attack the packets and view it's content , on the other hand a passive attack is when the victim does not know that the attacker is planning some sort tricks in order to sneak through the network and steal the contents.

[Carley]

In passive attack the attackers intention is just to steal the contents , it do not have any intention of modifying the contents of the packets. There are two categories of this type of attacks. First the attacker will do the traffic analysis of the incoming and outgoing packets i.e at what time the packets come and go and in what format. After viewing it it actually tries to eavesdrop the contents of the packets and even can decode the encrypted data.

[Candace]

In active attacks the attackers actual intention is to both steal the data and hoodwink or fool the victim by changing or modifying the contents of the data , here the victim is unknown that the packet has been modified by the attacker. There are many types of Active attacks , masquerading involves changing the contents of the packets , in this process the content is actually modified as the attacker some how comes to know about the secret decryption key nad uses it to decode the encrypted data of the victim. The attacker can use various eavesdropping techniques to steal the encryption key such as social engineering.

[teenQ]

Another type of Active attack is replay in which the replication of the actual messages is done by the attacker. The attacker stays somewhere hidden among the network and spoofs the packet , after knowing the contents it replicates and duplicates the contents of the data. Some time in the service providing network it will cause some serious problems such as denial of services. The denial of service attack means the server itself is attacked and the clients which use the services are deprived of it and have to wait till the attacker is caught and remedial methods are performed. You can prevent such packet sniffing and attacks following various techniques such as digital signature, encryption and firewall.

[Shen]

A resource can be both physical or logical, that posses threat from both the inside and outside vulnerabilities and can be exploited by the attacker in order to harm the victim and gain benefit fro those resources. These harms can be took i three general forms. First of them all is that the data loses it's confidentiality i.e the actual data does not remain confidential any more and is open for the outside world to exploit. As said in above replies , these threats can either be intentional or intentional. Intentional in the sense the attacker is intending purposely causing all these vulnerabilities to happen for instance, Flooding the system directory with viruses and spywares through a a USB, floppy disc or via network. And the threat may be unintentional or you can say happened accidentally such as computer malfunction due to earthquake or lightening. Just I came came to know about one more attack that is MIM attack or Man i the middle attack. A simple example will give explanation of attack. Suppose A is the Sender and B is the recipient . A is sending packets to B. In the Meanwhile some intruder C comes to know about this and looks for the opportunity and some how sneaks the contents o the Packets send by A to , about which A is not aware of. This is also called as Packet sniffing, There are lots of effective that can be taken to prevent from these types of attacks.

[Steve123]

I think you have provided an incomplete piece of information as far as the That Man in the Middle is concerned. The example you showed which has three participants A, B and C and C is the intruder in that. In that scenario C uses some technique to sniff the packet while it is been transferred over the network. . C some how gets the decryption key and when A sends the packet , C in the middle takes it and sees the content and also modify the content of the packet and adds it's own information and then forwards it to B. Meanwhile both the actual sender and the actual recipient of the packet is unaware o whatever happened during the transaction. B opens the packet and uses it's data considering it as A's instructions. There are lot's o techniques too prevent it from vulnerabilities.You can choose an encryption key and encrypt the data before you transmit it over the network. The receiver can use it's own key to decrypt the data and use it , it ensures Confidentiality of the data . You can use the technique of Digital signature as well. The receiver and sender cam agree on common signature over a safe network in order to identify the correct sender , this ensures Authentication o the sender, The receiver should not accept the packet unless it is properly authenticated.