Any action that compromises the security of information owned by an organization, so in this article, I will tell you what is attacks in network security and how it will affect and bridge security information.
information security is about how to prevent attacks or failing that, to detect attacks on information
• often threat & attack used to mean the same thing
• have a wide range of attacks
• can focus on generic types of attacks
• In the Active attack scenario, a malevolent third party manipulates a response within a legitimate session in a way that tricks the client into issuing an unwanted request (unknown to the user) that discloses sensitive information.
• The attacker can then apply a regular Passive attack on this information.
• It is important to emphasize that this is made possible by a design flaw, not an implementation error or bug.
Active attacks may modify the data stream or create a false stream.
Four Types of active attacks:
1. Masquerade: takes place when one entity pretends to be a different entity. This form usually includes one of the other forms of active attack.
2. Replay: involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Modification occurs when an unauthorized party gains.
3.access to and tampers with an asset. This is an attack on integrity.
4. Denial of service: prevents or inhibits the normal use or management of communications facilities.
A passive attack is a network attack in which a system is monitored and sometimes scanned for open pots and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target.
In passive reconnaissance, an intruder monitors the system for vulnerabilities without interaction, through methods like session capture. Inactive reconnaissance, the intruder engages with the target system through methods like port scans.
What happens in passive attacks, In passive attacks, the goal of opponent or attacker is to obtain the information that is being transmitted right a passive attack attempt to learn or make use of information from the system but it does not affect the system resources so what happens here the passive attacks are very difficult to detect because they do not involve the change of data right the passive attacks do not involve the alteration of data, therefore, these attacks are very difficult to detect
Now what happens in passive attacks the attacker’s goal is just to obtain the information it means that the passive attack does not modify data or harm the system whereas an active attack may change the data or harm the system that and now what happens there are two types of passive attacks release of message contents and traffic analysis
so, first of all, we will study about release of message contents right it is a type of passive attack right so what happens in this case of a release of message contracts it is a passive attack right and in this type of passive attack the opponent or attacker that the opponent or attacker attempts to learn the contents of transmission for example user a transmits a message to user B suppose there is a user a and it transmits a message to user B containing some confidential or a sensitive information and suppose there is another user C who is not authorized to read the message right but this user C attempts to read the content of this message then such type of attack is called release of message contents
Now another type of passive attacks traffic analysis so what happens in traffic analysis in this type of passive attack what happens the attacker or opponent it attempts to analyze the traffic right it attempts to analyze the traffic in this case what happens whatever the messages being transmitted the attacker observes that message and it tries to gain some information about that message right so you can see there are keys now consider the case that there is a way of masking the contents of message or other information traffic
so that even if the message is captured by the opponent or attacker the opponent could not extract the information from the message but what happens, in this case, the opponent or attacker may be able to observe the pattern of these messages right and the opponent could determine the location and identity of communicating hosts and the attacker could observe the frequency and length of messages which is being exchanged right and this type of information may be useful in gassing the nature of the communication that was taking place right so in this case what happens in traffic analysis or attacker it does not read the message which is being transmitted right it observed it and by observing or analyzing it gains some information about the message.
passive attacks are very difficult to detect because they do not involve any change of data they do not involve any alteration of the data typically the message traffic is sent and received in an apparently normal fashion neither the sender, not the receiver is aware that the third party has read the message or observed the traffic pattern.
so I hope you will be able to know about, what are attacks In Network Security. so please let me know in the comments section.