Definitions for "Passive Attack"
Attack which does not result in an unauthorized state change, such as an attack that only monitors and/or records data.
When confidentiality is violated but the state of the system is not affected, an attack is passive. An example is the electronic eavesdropping on network transmissions to release message contents or to gather unprotected passwords.
an attack that does not 'touch' a targets network directly so you are not committed to follow through with the compromise at that time
Someone not involved in the protocol can evesdrop on some or all of the protocol