The Secure Shell concept originated on Unix as a replacement for the unsecured "Berkeley services", that is, the rsh, rcp, and rlogin commands. Secure Shell also replaces other unsecured terminal applications such as Telnet and FTP.
An increasing number of remote access tasks involve the exchange of confidential data over unsecured TCP/IP networks. A typical example of a remote access task is business e-mail, where confidentiality of the data and authentication of the user are highly desired.
The core communication protocols used on the Internet do not natively provide confidentiality for data. Security services are thus deployed to protect the transmitted data from monitoring and modification by unauthorized parties. Security services eliminate many threats that exist on the Internet.
In a passive attack, the attacker monitors and possibly records the data that passes by on the network. Examples of passive attacks are eavesdropping and traffic analysis. Passive attacks are very hard to detect since they leave little or no trace of activity.
In active attacks, the attacker takes an active part in the communication. The attacker modifies or deletes data belonging to the stream coming from a legitimate party, inserts extra data into the stream, or initiates direct connections. Examples of active attacks are IP spoofing, TCP hijacking, replay, routing spoofing, and denial of service (DoS). Active attacks are usually easier to detect, but they also cause the most harm.