
www.syngress.com
16 Chapter 2 • Meet Your Opponent
The difference between an online and an offline attack is that an online
attack has the protection of the system where the password is stored. Offline
attacks have no protection.
Online attacks use the normal login mechanisms of a system. Faced with
a login prompt, an attacker can either manually enter passwords or use some
software tool to automate the process. Online attacks are normally easy to
detect—and block if necessary—so they are not usually successful. With an
online attack, the attacker will want to guess your password with just a few
guesses to avoid detection.
However, patient hackers can use ...