Passive Attack
Passive Attack: A type of network attack where the attacker intercepts and reads information transmitted over a network without altering the data or affecting the system’s operation. The intent is usually to gather information, often confidential, without detection. Examples include eavesdropping, traffic analysis, and sniffing, where the attacker’s main goal is to obtain unauthorized access […]
Passive Detection
Passive Detection: A security method that identifies threats and vulnerabilities by monitoring systems for suspicious activities without altering data or interacting with it. This technique is employed to detect potential attacks early and mitigate them effectively. Examples include intrusion detection systems and network security monitoring tools.
Passive Response
Passive Response: A method of dealing with potential threats by logging them and possibly issuing alerts but not taking direct action to interrupt or mitigate the threat. These responses are often employed when the cost or potential disruption of active response exceeds the perceived risk of the threat. The goal is to gather information about […]
Pass-the-hash
Pass-the-hash: A type of exploit where an attacker uses a hashed form of a user’s password instead of the actual password to authenticate against a network service. This kind of attack bypasses the need to decrypt or crack the password and takes advantage of the fact that many systems authenticate users by comparing the hash […]
Password cracking
Password cracking: The process of attempting to guess or decrypt a password that has been stored or transmitted, often by trying a series of possible passwords until the correct one is found. Various methods are used, including brute force attacks (trying all possible combinations), dictionary attacks (using common words or phrases), and rainbow table attacks […]
Password guessing
Password guessing: The method where an unauthorized entity tries to gain access to a system by guessing the password. This is usually done through brute force methods (trying all possible combinations) or, more commonly, by using lists of commonly used passwords. Password guessing can be mitigated by enforcing complexity requirements and limiting the number of […]