Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Threats and Attacks

Passive Attacks

Passive attacks are very hard to detect since they leave little or no trace of activity. In a passive attack, the attacker monitors and maybe records the data that passes by on the network. Eavesdropping and traffic analysis are types of passive attacks.

Active Attacks

In active attacks, the attacker takes an active part in the communication. The attacker modifies or deletes data belonging to the stream coming from a legitimate party, inserts extra data to the stream, or initiates direct connections. Active attacks are usually easier to detect but they also cause most harm. IP spoofing, TCP hijacking, replay, routing spoofing, and denial of service (DoS) are types of active attacks.


 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now