What is ip spoofing, Data diddling, Eavesdropping attack || Types of active & passive attacks

What is ip spoofing, Data diddling, Eavesdropping attack || Types of active & passive attacks

What is Data Diddling?

The data diddling is a cybercrime the attacker gain access to the database and he’s toying with the number in your spreadsheet, or changing the dates in your projections and plans. Maybe he’s changeing the account number fot the auto-deposit of certain paychecks.

In any case, rare is the case when you,ll come in to work one day, and simply know the something is wrong. An accountant procedure might turn up a discrepancy in the book three or four months after the fact. Trying to track the problem down will certainly be difficult and once the problem is discovered, how can any of your number from the time period be trusted? How far back do you have to go before you think that your data is safe?

What is ip spoofing Attack?

This is where one host claims to have the IP address of another. One way to authenticate data is to check the IP address, since many systems (such as router access control lists) define which packets may and which packets may not pass based on the sender’s IP address in data packets. If the address is valid that data is allowed to pass in the private network. IP address spoofing can be used to modify or delete data, or to perpetuate an additional type of attack.

What is Eavesdropping attack?

There are two types of eavesdropping attacks passive eavesdropping and active eavesdropping. this passive attack takes advantage of network traffic that is transmitted across the wire in clear text. The attacker simpli uses a device that monitors traffic and “listens” to discover information. You will hear this term referred to as sniffing the wire, and sometimes as snooping.

Password pilfering attack

A hacker will obtain user IDs and passwords, or even encryption key, to gain access to network data, which can then be altered, delete, or even used to create another attack. This type of attack is usually done by asking unsuspecting users. Reading sticky notes containing password that ai posted next to computers, or sniffing the wire for password information. Sometimes a hacker will attempts to get hired at a company merely to obtain an ID and password with access rights to the network.

Unauthorised access

Unauthorized access is a very high level term that can refer to a number of different sorts of attack. The goal of these attacks is to access some resources that your machine should not provide the attacker.

For example, a host might be a web server, and should provide anyone with requested web pages. However, that should not provide command shell access without being sure that the person making such a request is someone who should get it, such as a local administrator.

Data Destruction

Some of those perpetrate attacks are simply twisted jerks who like to delete things. In these cases, the impact on your computing capability and consequently your business can be nothing less than if a fire other disaster caused your computing equipment to be completely destroyed.

IP Session hijacking attack

The session hijacking relatively sophisticated attack, first described by Steve Bellovin. This is very dangerous, however, because there are now toolkits available in the underground community that allows otherwise unskilled bad-guy-wannabes to perpetrate this attack.

IP Session Hijacking is an attack whereby a user’s session is taken over, being in the control of the attacker. If the user was in the middle of email, the attacker is looking at the email and then can execute any commands he wishes as the attached user. The attacked user simple sees his session dropped, and may simply login again, perhaps not even noticing that the attacker is still logged in and doing things.

What is brute force attack?

The brute force attack commonly used in reference to password attacks. It simply means trying every possibility until one works. As you might guess, this usually takes a long time, which is why constraints are usually added to cut down on the number of possibilities. A constraint might be to use only lowercase letters, as a example. for more..

What is Difference between Brute Force and Dictionary Attack?

A brute force attack is when an attacker tries to attempt all possible combinations of a password to gain access to an account. This is resource intensive as there can be so many possible combinations. Imagine the possible number of combinations for an eight character password with alphabets and numbers. The longer the password, the more difficult it is to crack it using a brute force attack.

A dictionary attack is a type of brute force attack where the attacker, instead of trying all possible combinations, tries password from a dictionary file. The file will have some of the most commonly used passwords and some combination of those. Attackers commonly publish password dictionaries after attacks so that they can be used in future by other hackers.

Denial-of-Service (DoS)

A Denial-of-Service (DoS) attack are probably the nastiest and most difficult to address. There are the nastiest, because they are very easy to launch, difficult to track and this  attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.


Virus attacker can attack a system through a virus. It is a piece of software cord that is buried inside a trusted application that invokes some bad action to do some harmful on the computer or other network resources.

The methods for securing a network and it’s systems are often developed as soon as certain types of attacks occur. For example, before anyone wrote cord for the “internet worm” virus, there never was an anti-virus software. As attacks become more sophisticated. So does the defense against them.

Rate this post
Sharing Is Caring:

Leave a Comment