PASSIVE ATTACKPassive attack attempts to take the information fromthe system and does not affect any system resourcesand its operations.
ACTIVE ATTACKActive attack attempts to change the systemresources or affect their usual operations.
INSIDER ATTACKAn insider attack involves someone from theinside, such as a disgruntled employee, attacking thenetwork.
CLOSE – IN ATTACKA close-in attack involves someone attempting to getphysically close to network components, data, andsystems in order to learn more about a network.
PHISHING ATTACKIn phishing attack the hacker creates a fake web site thatlooks exactly like a popular site. The phishing part of theattack is that the hacker then sends an e-mail messagetrying to trick the user into clicking a link that leads to thefake site. When the user attempts to log on with theiraccount information, the hacker records the username andpassword and then tries that information on the real site.
HIJACK ATTACKIn a hijack attack, a hacker takes over a session betweenyou and another individual and disconnects the otherindividual from the communication. You still believethat you are talking to the original party and may sendprivate information to the hacker by accident.
SPOOF ATTACKIn a spoof attack, the hacker modifies the sourceaddress of the packets he or she is sending so thatthey appear to be coming from someone else. Thismay be an attempt to bypass your firewall rules.
BUFFER OVERFLOW ATTACKA buffer overflow attack is when the attacker sends moredata to an application than is expected. A buffer overflowattack usually results in the attacker gaining administrativeaccess to the system in a command prompt or shell.
EXPLOIT ATTACKIn this type of attack, the attacker knows of a securityproblem within an operating system or a piece of softwareand leverages that knowledge by exploiting thevulnerability.
PASSWORD ATTACKAn attacker tries to crack the passwords stored in anetwork account database or a password-protected file.
DEFINITIONS A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters. A hybrid attack builds on the dictionary attack method by adding numerals and symbols to dictionary words