Vulnerability quiz: Bonus question
In order, what are the five general steps of an intrusion?
A. Reconnaissance, scanning, gaining access, maintaining access, covering tracks
| Steps in attack
|
Explanation
|
Examples
|
| Reconnaissance |
Intelligence work of obtaining information, either passively or actively. |
Passively = Sniffing traffic, eavesdropping
Actively = Obtaining data from ARIN and Whois databases, examining Web site HTML code, social engineering |
| Scanning |
Identifying systems that are running and the services that are active on them. |
|
| Gaining access |
Exploiting identified vulnerabilities to gain unauthorized access. |
Exploiting a buffer overflow or brute forcing a password and logging onto a system. |
| Maintaining access |
Uploading malicious software to ensure re-entry is possible. |
Installing a backdoor on a system. |
| Covering tracks |
Carrying out activities to hide one's malicious activities. |
Deleting or modifying data in system and application logs. |