This document discusses security attacks on networks. It describes passive attacks, which attempt to learn or use information without affecting system resources, such as eavesdropping. It also describes active attacks, which alter system resources or operation, such as masquerading, replaying messages, modifying messages, or denying service. The document outlines specific passive attacks like traffic analysis and releasing message contents. It also provides examples of active attacks and explains they are harder to prevent due to various vulnerabilities but emphasis is placed on detection and recovery.