A passive attack is an attack wherein the hacker waits for the perfect opportunity to penetrate your system. This type of attack is typically done in order for a hacker to observe your networking structure, the type of software you use, or any security measures that you have already installed.
Passive attacks typically happen when a hacker monitors possible system vulnerabilities without making any changes to the data that he targets. You can think of this attack as a hacker’s means of researching about his target in order to launch a more effective attack. Passive attacks are classified into:
1. Active reconnaissance
This happens when an intruder listens right into a targeted system by engaging the target to find out where weak points are. This is typically done through port scanning, which is an effective tactic to find out where the vulnerable ports are located and what type of data they normally host. After discovering the vulnerability, a hacker may engage this weak point and exploit the services that are associated with them.
2. Passive reconnaissance
This happens when a hacker chooses to study the targeted system without actively engaging it, without the intention of directly engaging the target. Passive reconnaissance tactics include war driving (discovery of unprotected wireless network), dumpster diving (finding data on discarded devices or documents), or masquerading (pretending to be a network user with authorization)
These two tactics can be essential tools when it comes to discovering vulnerabilities in your computer system to enable you to prevent any further attacks. Once you are able to use reconnaissance tactics, you can easily map out where the weak points of your computer system really are.
Once you are able to identify vulnerable points through the use of test reconnaissance attacks, you will realize that the simplest and best way to protect your computer system from snooping is to install an IPS (intrusion prevention system), which will serve as your safeguard from port scans and your automated method of shutting down any attempts of a port scan before an intruder gets a complete map of your network. At the same time, you can also install a good firewall that will control the visibility of your network’s ports.
No comments:
Post a Comment