Sniffing and Evasion - focodecided/ops401-cybersecurity GitHub Wiki

Explain a Sniffing attack using non-technical terms.

A sniffing attack is like eavesdropping on conversations happening over a network. Just like someone could listen in on a private phone call, a sniffing attack allows an attacker to intercept and monitor data traffic flowing over a computer network that was meant to be private. It's similar to wiretapping, but for digital data communications instead of voice calls.

What are the two types of sniffing attacks and what are some pros and cons of each approach?

The two main types of sniffing attacks are:

  • Active Sniffing - This involves the attacker inserting themselves directly into the network traffic flow to intercept data. The pro is the attacker can capture all traffic. The con is it may be easier to detect since the attacker is actively intruding.

  • Passive Sniffing - The attacker only listens to network traffic and does not insert themselves into the traffic flow. The pro is it's harder to detect. The con is the attacker may miss some traffic depending on positioning.

How does encryption protect traffic against sniffing attacks?

Encryption scrambles data communications so that even if a sniffing attack intercepts the traffic, the attacker cannot understand the content because it is encoded into an unreadable format. It's like sending messages in secret code - without the decryption key, the sniffed messages look like nonsensical gibberish. This protects the confidentiality of the data from sniffing attacks.
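To see the difference from a defender's side, the following added example (not part of the original notes) audits captured payloads and reports which ones would expose readable data to anyone sniffing the link. The sample payloads, host name and function names are constructed for illustration, and the TLS check assumes one application-data record at the start of the payload.

```python
import os
import re

# Field names whose values should never cross the wire unencrypted.
CRED_RE = re.compile(rb"(?i)\b(password|passwd|pwd|authorization)\s*[=:]\s*[^&\s]+")

def is_tls_app_data(payload: bytes) -> bool:
    """True if payload starts with a TLS application-data record header:
    content type 23, record version 0x0301-0x0303, 2-byte big-endian length."""
    if len(payload) < 5:
        return False
    length = int.from_bytes(payload[3:5], "big")
    return (payload[0] == 23 and payload[1] == 3 and payload[2] in (1, 2, 3)
            and 0 < length <= len(payload) - 5)

def printable_ratio(payload: bytes) -> float:
    """Fraction of bytes that are printable ASCII or tab/CR/LF."""
    if not payload:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in payload) / len(payload)

def audit(payload: bytes):
    """Return (verdict, leaked_field_names) for one captured payload."""
    if is_tls_app_data(payload):
        return "encrypted", []
    leaked = sorted({m.group(1).decode().lower() for m in CRED_RE.finditer(payload)})
    if leaked:
        return "cleartext-credentials", leaked
    if printable_ratio(payload) >= 0.9:
        return "cleartext", []
    return "opaque", []

# Constructed sample payloads (not taken from any real capture).
HTTP_LOGIN = (b"POST /login HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
              b"user=alice&password=Winter2024")
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
TLS_RECORD = bytes([23, 3, 3]) + (64).to_bytes(2, "big") + os.urandom(64)

if __name__ == "__main__":
    for name, data in [("http login", HTTP_LOGIN), ("http get", HTTP_GET),
                       ("tls record", TLS_RECORD)]:
        print(name, audit(data))
```

Any payload reported as cleartext-credentials is a service to move behind TLS first, since its secrets are readable by a passive listener.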

Source:

https://www.geeksforgeeks.org/what-is-sniffing-attack-in-system-hacking/

Things I want to learn more about