The document discusses active and passive network attacks. An active attack intercepts network connections to alter message content, potentially changing system resources, while a passive attack observes and copies messages without altering them, so the victim is not notified. Common active and passive attacks are man-in-the-middle attacks and packet sniffing, respectively. The document also provides tips for preventing security attacks like keeping software updated and using firewalls and strong passwords.
Report
Share
Report
Share
1 of 9
More Related Content
Active and Passive Network Attacks
1. Active and Passive Network Attacks
Presented By: Pradipta Poudel
BIM V Semester
115/20
2. Introduction to Security Attack
Refers to an attempt to exploit vulnerabilities or weaknesses in a system or network in order to
compromise its confidentiality, integrity, or availability.
Major goals: stealing information, damage or disrupt services, or gain unauthorized access to a system.
Types of network security attacks
I. Active Attack
II. Passive Attack
2
3. Active Attack
An active attack is a type of security attack in which the attacker intercepts the network connection and
tries to alter the content of the message.
The system resources can be changed due to active attacks.
Victim gets informed about the attack.
Common type of active attack:
• Man-in-the-Middle (MitM) attack
3
4. Passive Attack
In passive attacks, the attacker observes the messages, then copy and save them and can use it for
malicious purposes.
The attacker does not try to change the gathered or collected information.
Victim does not get informed about the attack.
Common type of passive attack:
• Packet sniffing attack.
4
5. Preventing Security Attacks
Keep Your Software Up to Date,
Firewall,
Complex passwords,
Two-factor authentication,
Regular security audits etc.
5
7. Summary
Ø Refers to an attempt to exploit vulnerabilities or weaknesses in a system or network in order
to compromise its confidentiality, integrity, or availability.
Ø An active attack is a type of security attack in which the attacker intercepts the network connection
and tries to alter the content of the message.
Ø A passive attack is a type of security attack in which the attacker observes the messages, then copy and
save them so that the messages can be used it for malicious purposes.
7
Man-in-the-Middle (MitM) attack: In this type of attack, the attacker intercepts the communication between two parties and can read, modify or even inject new messages into the communication stream. This type of attack can be used to steal sensitive information such as login credentials or credit card numbers.
packet sniffing attack: In this type of attack, an attacker intercepts and analyzes data packets as they travel across a network, in order to extract sensitive information such as passwords or credit card numbers.