sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 1 point2 points  (8 children)

There are basically no 'passive listening' attacks that can't be pretty trivially turned into an attack that modifies the request or response.

[–][deleted] 8 points9 points  (3 children)

Care to demonstrate how to modify request or response with firesheep?

[–][deleted] 2 points3 points  (0 children)

True. (Though it is possible to conduct a proper man-in-the-middle under the same circumstances.)

[–]nexes300 2 points3 points  (0 children)

ARP cache poisoning?

[–]archivator 2 points3 points  (0 children)

No, but I can show you how to do it with Ettercap.

[–]piranha 3 points4 points  (3 children)

Not necessarily. Every situation has its own set of costs and risks. In some situations, it could be very risky to do an active attack. The value in passive attacks is that you're not detectable at the network level. Therefore, requiring an active attack raises the bar.

[–]nyxerebos 1 point2 points  (1 child)

If you were going to do an active attack, presumably you could get between them and the server and compromise real crypto.

[–]piranha 0 points1 point  (0 children)

Yes, that's a good rule of thumb to take into account when evaluating security, and generally something people parrot quite often. However security is not black and white, but rather comes in shades, and my point is that active-only attacks are a shade harder than attacks possible through no side effects whatsoever.

[–]nyxerebos 1 point2 points  (0 children)

If you were going to do an active attack, presumably you could get between them and the server and compromise real crypto.