Chapter 4 Quiz

What do we mean by the steps reconnaissance, compromise and cover-up and what are some techniques used in each step?

Reconnaissance

  • Learn as much about the target as possible.
  • Pings and traceroutes are commonly used.
  • Nmap - port scans, they reveal open ports vulnerable to attack.

Compromise

  • the attacker attempts to the target with multiple methods.
  • Passwords attacks
  • Exploit weaknesses in software:
  • Buffer overflows
  • SQL injection u
  • Metasploit - a perl based exploit tool. P
  • Pishing
  • Spam and spyware.

Cover-Up:

  • remove evidence of the compromise.
  • Using remote access, most commonly IRC bots.
  • Change event logs
  • A rootkit may be used to modify the OS to hide running.
  • Encrypting the exploit
  • Fragmentation of IP packets.
Topic revision: r2 - 2013-12-18 - JimSkon
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback