Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Computer security
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Eavesdropping=== [[Eavesdropping]] is the act of surreptitiously listening to a private computer conversation (communication), usually between hosts on a network. It typically occurs when a user connects to a network where traffic is not secured or encrypted and sends sensitive business data to a colleague, which, when listened to by an attacker, could be exploited.<ref name="Fortinet">{{Cite web |title=What Are Eavesdropping Attacks? |url=https://www.fortinet.com/resources/cyberglossary/eavesdropping |access-date=2023-12-05 |website=Fortinet |language=en}}</ref> Data transmitted across an ''open network'' allows an attacker to exploit a vulnerability and intercept it via various methods. Unlike [[malware]], direct-access attacks, or other forms of cyber attacks, eavesdropping attacks are unlikely to negatively affect the performance of networks or devices, making them difficult to notice.<ref name="Fortinet" /> In fact, "the attacker does not need to have any ongoing connection to the software at all. The attacker can insert the software onto a compromised device, perhaps by direct insertion or perhaps by a virus or other malware, and then come back some time later to retrieve any data that is found or trigger the software to send the data at some determined time."<ref>{{Citation |last=York |first=Dan |title=Chapter 3 β Eavesdropping and Modification |date=2010-01-01 |url=https://www.sciencedirect.com/science/article/pii/B978159749547900003X |work=Seven Deadliest Unified Communications Attacks |pages=41β69 |editor-last=York |editor-first=Dan |access-date=2023-12-05 |place=Boston |publisher=Syngress |isbn=978-1-59749-547-9}}</ref> Using a [[virtual private network]] (VPN), which encrypts data between two points, is one of the most common forms of protection against eavesdropping. Using the best form of encryption possible for wireless networks is best practice, as well as using [[HTTPS]] instead of an unencrypted [[HTTP]].<ref>{{Cite web |title=What Are Eavesdropping Attacks & How To Prevent Them |url=https://enterprise.verizon.com/resources/articles/s/what-are-eavesdropping-attacks/ |access-date=2023-12-05 |website=Verizon Enterprise |language=en}}</ref> Programs such as [[Carnivore (FBI)|Carnivore]] and [[Narus (company)|NarusInSight]] have been used by the [[Federal Bureau of Investigation]] (FBI) and NSA to eavesdrop on the systems of [[internet service provider]]s. Even machines that operate as a closed system (i.e., with no contact with the outside world) can be eavesdropped upon by monitoring the faint [[electromagnetism|electromagnetic]] transmissions generated by the hardware. [[Tempest (codename)|TEMPEST]] is a specification by the NSA referring to these attacks.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)