Name Sniffing Attacks
Summary In this attack pattern, the adversary intercepts information transmitted between two third parties. The adversary must be able to observe, read, and/or hear the communication traffic, but not necessarily block the communication or change its content. Any transmission medium can theoretically be sniffed if the adversary can examine the contents between the sender and recipient. Sniffing Attacks are similar to Man-In-The-Middle attacks (CAPEC-94), but are entirely passive. MITM attacks are predominantly active and often alter the content of the communications themselves.
Prerequisites The target data stream must be transmitted on a medium to which the adversary has access.
Solutions Encrypt sensitive information when transmitted on insecure mediums to prevent interception.
Related Weaknesses
CWE ID Description
CWE-311 Missing Encryption of Sensitive Data
Back to Top