From 4a562b57dabe7093d1e657cfea5f73d3938ee077 Mon Sep 17 00:00:00 2001 From: shockrah Date: Sun, 5 Jul 2020 16:33:10 -0700 Subject: [PATCH] renamed first lecture notes --- 312/1.md | 12 ------------ 312/active-passive-attacks.md | 23 +++++++++++++++++++++++ 2 files changed, 23 insertions(+), 12 deletions(-) delete mode 100644 312/1.md create mode 100644 312/active-passive-attacks.md diff --git a/312/1.md b/312/1.md deleted file mode 100644 index acce2c3..0000000 --- a/312/1.md +++ /dev/null @@ -1,12 +0,0 @@ - -# Active v Passive Attacks - -Passive: compromising a system but not necessarily doing anything apart from _watching_ - -Active: compromising a system while doing something to the system apart from infiltrating it - -> wait what? - -_Passive_ can be just like listening in on a conversation(eavesdropping) where _active_ is like jumping into the conversation and trying to do something to it. - - diff --git a/312/active-passive-attacks.md b/312/active-passive-attacks.md new file mode 100644 index 0000000..1272e26 --- /dev/null +++ b/312/active-passive-attacks.md 
@@ -0,0 +1,23 @@ + +# Active v Passive Attacks + + +## Base Definitions + +Passive: compromising a system but not necessarily doing anything apart from _watching_ + +Active: compromising a system while doing something to the system apart from infiltrating it + +## Loosely speaking + +_Passive_ can be just like listening in on a conversation(eavesdropping) where _active_ is like jumping into the conversation and trying to do something to it. + + +## When/How would either happen? + + +If the result of an attack is to actually trigger some code to run then usually we need to first gather the information required to understand how to make that happen. +The reasoning is straightforward: if you don't know how some system works then it's much harder to exploit that system. + +Random example: Using a keylogger to log keystroke before sending those logs to a server for processing could be a passive attack since you're still in a _gathering data_ sort of mode. +Finally using that data to trying logging into some service would be the active portion of a full-scale attack.
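Review bot: The subject says "renamed", but 312/1.md is recorded as a full delete and 312/active-passive-attacks.md as a new file (12 deletions, 23 insertions), because the content changed in the same commit: the `> wait what?` line becomes a `## Loosely speaking` heading and a whole new section is added. Consider making the move its own commit and the content edits a second one, or at least say in the message that the notes were also restructured, so the file's history can be followed across the rename.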
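Review bot: In the "When/How would either happen?" section of 312/active-passive-attacks.md, the keylogger example is labelled passive, yet putting a keylogger on a machine already does something to that system, which by the wording under "Base Definitions" reads as active. State which criterion decides the label (for example, whether the attacker only observes data or also changes or uses it) so the example and the definitions agree. Wording in the same hunk: "log keystroke" should be "log keystrokes", "to trying logging into" should be "to try logging into", and "conversation(eavesdropping)" needs a space before the parenthesis. The new file also opens with an empty line and has doubled blank lines around the headings.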