The phases of an attack
1. Reconnaissance - Information gathering, physical and social engineering, locate network range
2. Scanning - Enumerating Live hosts, access points, accounts and policies, vulnerability assessment
3. Gaining Access - Breech systems, plant malicious code, backdoors
4. Maintaining Access - Rootkits, unpatched systems
5. Clearing Tracks - IDS evasion,log manipulation, decoy traffic
Information Gathering
1. Unearth initial information - What/ Who is the target?
2. Locate the network range - What is the attack surface?
3. Ascertain active machines - What hosts are alive?
4. Open ports / access points - How can they be accessed?
5. Detect operating systems - What platform are they?
6. Uncover services on ports - What software can be attacked?
7. Map the network - Tie it all together, document, and form a strategy.
Web server attack methodology
1. Information gathering
2. Web server footprinting
3. Mirroring
4. Vulnerability scanning
5. Session hijacking
6. Hacking web server passwords
Phases of an outbreak
1. Infection
2. Spreading
3. Attack
Virus Lifecycle
1. Design
2. Replication
3. Launch
4. Detection
5. Incorporation
6. Elimination
Prevention and incident response
1. Detection
2. Notification
3. Assessment
4. Containment
5. Eradication
6. Reconstitution
7. Lessons learnt