◆ Passive attack
Passive attack is network eavesdropping, intercepting and analyzing data packets and stealing important sensitive information. Passive attacks are hard to find, so prevention is very important. The main means to prevent passive attacks is data encryption transmission. In order to protect network resources from threats and attacks, based on cryptography and security protocols, five security services in network security system are developed, namely, identity authentication, access control, data confidentiality, data integrity and non-repudiation. ISO, the international organization for standardization, clearly defines these five types of security services.
◆ Active attacks include theft, tampering, forgery and destruction.
Active attacks include theft, tampering, forgery and destruction. Dictionary password guessing, IP address spoofing and denial of service attacks are all active attacks. A good identity authentication system (including data encryption, data integrity check, digital signature and access control) can be used to prevent active attacks, but it is difficult to put an end to active attacks, so another measure to deal with active attacks is to find and recover the damage caused in time. There are many practical attack detection tools.
The best defense method is a high-performance firewall. If hackers can't send packets to every machine, the machine will not be easily invaded.