renamed first lecture ntoes
This commit is contained in:
		
							parent
							
								
									57c9bc70eb
								
							
						
					
					
						commit
						4a562b57da
					
				
							
								
								
									
										12
									
								
								312/1.md
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								312/1.md
									
									
									
									
									
								
							| @ -1,12 +0,0 @@ | |||||||
| 
 |  | ||||||
| # Active v Passive Attacks |  | ||||||
| 
 |  | ||||||
| Passive: compromising a system but not necessarily doing anything apart from _watching_ |  | ||||||
| 
 |  | ||||||
| Active: compromising a system while doing something to the system apart from infiltrating it |  | ||||||
| 
 |  | ||||||
| > wait what? |  | ||||||
| 
 |  | ||||||
| _Passive_ can be just like listening in on a conversation(eavesdropping) where _active_ is like jumping into the conversation and trying to do something to it. |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
							
								
								
									
										23
									
								
								312/active-passive-attacks.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								312/active-passive-attacks.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,23 @@ | |||||||
|  | 
 | ||||||
|  | # Active v Passive Attacks | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | ## Base Definitions | ||||||
|  | 
 | ||||||
|  | Passive: compromising a system but not necessarily doing anything apart from _watching_ | ||||||
|  | 
 | ||||||
|  | Active: compromising a system while doing something to the system apart from infiltrating it | ||||||
|  | 
 | ||||||
|  | ## Loosely speaking | ||||||
|  | 
 | ||||||
|  | _Passive_ can be just like listening in on a conversation(eavesdropping) where _active_ is like jumping into the conversation and trying to do something to it. | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | ## When/How would either happen? | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | If the result of an attack is to actually trigger some code to run then usually we need to first gather the information required to understand how to make that happen. | ||||||
|  | The reasoning is straightforward: if you don't know how some system works then it's much harder to exploit that system. | ||||||
|  | 
 | ||||||
|  | Random example: Using a keylogger to log keystroke before sending those logs to a server for processing could be a passive attack since you're still in a _gathering data_ sort of mode. | ||||||
|  | Finally using that data to trying logging into some service would be the active portion of a full-scale attack. | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 shockrah
						shockrah