401d8 read43 - carlosjorr/reading-notes GitHub Wiki

Sniffing and Evasion

Explain a Sniffing attack using non-technical terms.

A sniffing attack is like someone eavesdropping on your private conversations without your knowledge. In the digital world, it's when a person secretly listens to the information being sent between your computer and another, trying to steal sensitive data.

What are the two types of sniffing attacks and what are some pros and cons of each approach?

Passive Sniffing: This is like a silent observer. The attacker quietly listens to the data passing between devices without actively participating in the conversation. They capture information as it flows by. Pros: It's hard to detect since it doesn't actively interfere. Cons: It can be slow to collect data and may not work well if the communication is encrypted.

Active Sniffing: This is more like someone jumping into the conversation and actively grabbing information. The attacker inserts themselves into the data flow, intercepts it, and can modify or block data. Pros: It's faster and more effective at capturing data. Cons: It's easier to detect, and it can disrupt the communication.

How does encryption protect traffic against sniffing attacks?

Encryption protects traffic against sniffing attacks by turning your messages into a secret code that only the intended recipient can understand. Imagine you're sending a letter, but instead of writing it in plain language, you write it in a secret code. Even if someone intercepts the letter, they can't understand its contents without knowing how to decode it. Encryption makes it extremely difficult for sniffers to make sense of the data they capture, keeping your information safe from prying eyes.