
Hashing with salt is a better approach for security. I want to know what kind of attack salting protects against, e.g. eavesdropping.

Next, I want to know if the salt value is the same for the same password. Suppose that the server keeps the password and a random salt. When the user wants to log in, it produces a random salt and sends the hash. In this manner, the hash from the server and the user have no way to match. Is my opinion right?

Anders
kst
  • Salts help to reduce the attackability of passwords using computed hashes; they should vary for each hashed password. Try reading this post http://security.stackexchange.com/questions/103908/is-there-any-real-value-in-hashing-salting-passwords – iainpb Dec 16 '16 at 10:05
  • All of these are already answered in other questions on this site - the top related questions for your question include http://security.stackexchange.com/questions/3272/password-hashing-add-salt-pepper-or-is-salt-enough?rq=1 and http://security.stackexchange.com/questions/51959/why-are-salted-hashes-more-secure-for-password-storage?rq=1 which answer most of these... – Matthew Dec 16 '16 at 10:05

1 Answer


I want to know what kind of attack salting protects against, e.g. eavesdropping.

It protects against brute-force attacks. See this. Note that eavesdropping is something you worry about for data in transit - when it is sent between client and server. You hash passwords to protect data at rest - when they are stored on the server. (To protect passwords in transit - on their journey over the network from client to server - you use HTTPS. But that is another matter.)

Suppose that the server keeps the password and a random salt. When the user wants to log in, it produces a random salt and sends the hash. In this manner, the hash from the server and the user have no way to match. Is my opinion right?

No, you are misunderstanding how password hashing is done. The client does not hash the password, so the user has no salt. So the problem of the salts not matching never arises.

Instead, the client sends the password unhashed to the server. The server has one unique salt per password. That same salt is used both when originally hashing a new password for storage and when checking passwords at login. That way, the hashes can be compared because the server used the same salt both times.

Anders
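The flow the answer describes, as an added example that is not part of the answer or the question: the server generates a fresh random salt per user at registration, stores salt plus hash (never the password), and at login re-hashes the plaintext it received over TLS with the stored salt. It also shows the two points under discussion: the scheme from the question (client hashes with its own fresh salt) can never match, and against the stored table an offline attacker has to re-run every guess once per salt instead of building one table that cracks all users. Assumed for illustration: PBKDF2-HMAC-SHA256 from the standard library as the password hash (a modern deployment would pick Argon2id, scrypt or bcrypt), a 16-byte salt, an iteration count kept low so the demo runs quickly, an in-memory dict as the user table, and the usernames, passwords and wordlist, which are all constructed here.

```python
import hashlib
import hmac
import secrets

# Assumptions for this added example (not the page's code): PBKDF2-HMAC-SHA256,
# 16-byte salt, and a deliberately low iteration count so the demo is fast.
# Tune ITERATIONS up (or use Argon2id/scrypt/bcrypt) in a real system.
ITERATIONS = 100_000
SALT_BYTES = 16


def hash_password(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Server-side hash of a password under a given salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def register(db: dict, username: str, password: str) -> None:
    """The server picks a fresh random salt for this user and stores salt + hash.
    The plaintext password is never stored."""
    salt = secrets.token_bytes(SALT_BYTES)
    db[username] = {
        "salt": salt,
        "hash": hash_password(password, salt),
        "iters": ITERATIONS,
    }


def login(db: dict, username: str, password: str) -> bool:
    """The client sent the plaintext password (protected in transit by HTTPS).
    The server re-hashes it with the salt it STORED for this user, so the two
    hashes are computed under the same salt and can be compared."""
    rec = db.get(username)
    if rec is None:
        # Burn the same work for unknown users so response time does not
        # reveal which usernames exist.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    candidate = hash_password(password, rec["salt"], rec["iters"])
    # Constant-time comparison: do not leak how many leading bytes matched.
    return hmac.compare_digest(candidate, rec["hash"])


def client_side_random_salt_login(db: dict, username: str, password: str) -> bool:
    """The scheme the question describes: the client hashes the password with a
    salt it generated itself. Even with the correct password this never matches
    the stored hash, because the salts differ. Returns False in practice."""
    rec = db[username]
    client_salt = secrets.token_bytes(SALT_BYTES)
    client_hash = hash_password(password, client_salt, rec["iters"])
    return hmac.compare_digest(client_hash, rec["hash"])


def offline_attack_cost(db: dict, wordlist: list) -> dict:
    """What the salt buys against brute force on a stolen table: with per-user
    salts every guess must be hashed once per user; without salts one hash per
    guess (a precomputed table) would test every user at once."""
    salted_hashes = 0
    cracked = {}
    for user, rec in db.items():
        for guess in wordlist:
            salted_hashes += 1
            if hmac.compare_digest(hash_password(guess, rec["salt"], rec["iters"]), rec["hash"]):
                cracked[user] = guess
                break
    return {
        "salted_hashes": salted_hashes,
        "unsalted_hashes": len(wordlist),  # one table serves all users
        "cracked": cracked,
    }


if __name__ == "__main__":
    users = {}
    register(users, "alice", "hunter2")   # constructed sample credentials
    register(users, "bob", "hunter2")     # same password, different salt -> different hash
    print("correct login:", login(users, "alice", "hunter2"))
    print("wrong password:", login(users, "alice", "letmein"))
    print("client-chosen salt:", client_side_random_salt_login(users, "alice", "hunter2"))
    print("same password, same hash?", users["alice"]["hash"] == users["bob"]["hash"])
    print(offline_attack_cost(users, ["123456", "password", "hunter2"]))
```

Two users with the same password end up with different stored hashes, which is the other thing a salt does: an attacker cannot see from the table that they share a password, and a hash cracked for one user tells nothing about the other.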