1. Reconnaissance
- Active reconnaissance involves interacting with the target directly by any means. For example, telephone calls to the help desk or technical department.
- Passive reconnaissance involves acquiring information without directly interacting with the target. For example, searching public records or news releases.
2. Scanning
Scanning refers to the pre-attack phase when the hacker scans the network specific information on the basis of information gathered during reconnaissance. Scanning can include use of dialers, port scanners, vulnerability scanners, network mapping, sweeping, and so on.
3. Gaining Access
Gaining access refers to the penetration phase. The hacker exploits the vulnerability in the system. The exploit can occur over a LAN, the Internet, or as a deception, or theft. Examples include buffer oveflows, denial of service, session hijacking, and password cracking. Influencing factors include architecture and configuration of the target system, the skill level of the perpetrator, and the initial level of access obtained.
4. Maintaining Access
Maintaining access refers to the phase when the hacker tries to retain his or her ownership of the system. Hacker may harden the system from other hacker as well (to own the system) by securing their exclusive access with Backdoors, RootKits, or Trojans. Hacker can upload, download, or manipulate data, applications, and configurations on the owned system.
5. Covering Tracks
Covering tracks refers to the activities that the hacker does to hide his or her misdeeds. Reason include the need for prolonged stay, continued use of resources, removing evidence of hacking, or avoiding legal action. Examples include steganography, tunneling, and altering log files.
Subscribe to:
Post Comments (Atom)
0 komentar:
Post a Comment