Home > CAPEC List > CAPEC-157: Sniffing Attacks (Version 2.11)  

CAPEC-157: Sniffing Attacks

 
Sniffing Attacks
Definition in a New Window Definition in a New Window
Attack Pattern ID: 157
Abstraction: Standard
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An attacker monitors information transmitted between logical or physical nodes of a network. The attacker need not be able to prevent reception or change content but must simply be able to observe and read the traffic. The attacker might precipitate or indirectly influence the content of the observed transaction, but the attacker is never the intended recipient of the information. Any transmission medium can theoretically be sniffed if the attacker can listen to the contents between the sender and recipient.

+ Attack Prerequisites
  • Any target that transmits readable data could be attacked in this way. Cryptographic techniques that render a data-stream unreadable can thwart this type of attack.

+ Typical Severity

Medium

+ Resources Required

The attacker must be able to intercept the transmissions containing the data of interest. Depending on the medium of transmission and the path the data takes between the sender and recipient, the attacker may require special equipment and/or require that this equipment be placed in specific locations.

+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-12-07Updated Related_Attack_PatternsInternal

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017