What type of password attack is a Passive Online attack?
The advent of the Internet brought many big changes to people's lives, in addition to convenience, which are negative aspects that not everyone understands. One of the biggest risks is password hacking on the internet. The following article will give you a more comprehensive look at different types of password attacks, especially Passive Online. Let's find out through offline.
1. What is Passive Online Attack?
Passive Online attack is a form of password attack , attacker (hacker) will "sniff" (sniffing) to find vulnerabilities, traces passwords in the same network.
Before posting, the user's password will be verified in several stages. First, the password is "captured" (captured) to compare with a word list or dictionary. The password is then encrypted or "hashed" aimed at preventing unauthorized access and authenticating the origin (the owner).
The attackers will use a number of special tools to decrypt the algorithm and gain access to the password.
Common Forms for Passive Online attacks
- Traffic analysis
Observe the website movement and user visitor activity for each website.
- Exploit
Check email, messages have been decoded.
- To scan
Check the extension (open ports, low security framework) associated with the web for security holes.
- Encode
Block scrambled data streams and decrypt the encryption algorithm.
2. Passive Online Example
In the Man In The Middle (MITM - another Passive Online attack) the hacker intercepts the password authentication request and sends it to their own server.
Soon after, the hacker embeds a spy assessing the connection between the user and the server. In this way, the hacker can detect the two links, capture the user's secret key and password on the way to the confirmation server.
The attacker also sends back authentication packets to impersonate the user to authenticate the password without having to crack the secret key.
3. The difference between Active Online and Passive Online attack
- Active Online
The attacker will try to modify the content of the message.
Endanger the usability (availability of documents or messages).
+ Victims (users) need to pay attention when detecting the intrusion.
+ The victim is notified of the attack.
- Passive Online
The attacker will observe the messages and copy them for malicious use.
+ Threats to confidentiality.
+ User should pay attention to avoid (using high-strength passwords with two-factor authentication).
+ The victim was not informed.
The article covers relevant information about Passive Online password attacks and the difference between Passive Online attacks versus Active Online attacks. Thank you for watching and see you in the following articles.
You should read it
- The 'deadly' flaw when managing passwords online
- What is 51% attack? How does 51% attack work?
- What is a Sybil Attack?
- What is Office 365 Attack Simulator? How to use it?
- What is a Replay Attack?
- What is Volumetric DDoS Attack?
- 'Denial of Service' Attack: Web site obsession
- What is SS7 attack? What can hackers use it for?
- This is how hackers attack your Bitcoin wallet online
- Analysis of an attack (Part 3)
- Latest Skibid Toilet Attack Code
- Instructions for changing Dropbox password
Maybe you are interested
How to make passport online on phone, computer
Top 5 best free online video editing websites
What makes online casinos and betting fun?
How to Avoid Post-Tracking Targeted Ads After Shopping Online
6 Best AI-Powered Online Color Palette Generators
This list of common passwords shows how little we understand about online security