As the name suggests, eavesdropping is clearly listening to communication traffic for the purpose of repeating it. The repetition can take the form of recording the data to a storage device or to an extraction program that dynamically tries to extract the primary content from the traffic stream. Once a copy of traffic content is in the hands of a cracker, they can usually extract many forms of secret data, such as usernames, passwords, process procedures, and so on.
Eavesdropping regularly needs physical access to the IT infrastructure to connect a physical recording device to an open port or cable splice or to install a software recording tool onto the system. It’s usually facilitated by the use of a network traffic capture or monitoring software or a protocol analyzer system (usually called a sniffer).
Eavesdropping devices and programs are normally hard to detect because they are used in passive attacks. When eavesdropping is transformed into changing or injecting communications, the attack is considered an active attack.
The popular threat of eavesdropping is one of the primary motivations to secure communications. It is easier to intercept data that is in transit than data that is in storage.
Latest posts by Unallocated Author (see all)
- The Digital Revolution: Ways to Drive Business Growth in the Private Education Sector - March 9, 2020
- Top Cybersecurity Trends In 2020 - February 20, 2020
- Microsoft Rolled Out Huge Patch Tuesday February With 99 Bug Fixes - February 14, 2020