LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What are the four classes of access attacks?

Password attacks, trust exploitation, port redirection, and man-in-the-middle.

Access attacks exploit weaknesses in authentication, FTP, and web services to gain entry to accounts, databases, and other resources the attacker should not reach. They split into four classes that differ in how the attacker gets in:

Man-in-the-middle attacker relaying and altering traffic between Alice and Bob

* Man-in-the-middle, one of the four classes: the attacker sits between two parties and relays (or alters) traffic without either noticing. *

  1. Password attacks - Recovering a password through brute force (trying many guesses), Trojan horse programs, or packet sniffers that capture credentials sent in plaintext. Strong passwords and encryption are the countermeasures.

  2. Trust Exploitation - Abusing a trust relationship: once one machine is compromised, the attacker rides the trust other systems already place in it (e.g. a DMZ host that the inside network trusts) to reach deeper targets.

  3. Port Redirection - A special case of trust exploitation where the attacker installs software on a compromised host so it relays traffic to a target it can reach but the attacker cannot — pivoting through the victim to a host on a different port.

  4. Man-in-the-middle - The attacker secretly positions between two communicating parties to intercept, relay, or alter their traffic without either side noticing. Real-world techniques include ARP spoofing on a LAN, a rogue Wi-Fi access point, and SSL stripping. (Phishing, by contrast, is social engineering — a separate category, not MITM.)

Go deeper:

From Quiz: NETW1 / Network Security Fundamentals | Updated: Jul 05, 2026