Methodologies

The phases of an attack

1. Reconnaissance - Information gathering, physical and social engineering, locate network range
2. Scanning - Enumerating live hosts, access points, accounts and policies, vulnerability assessment
3. Gaining Access - Breach systems, plant malicious code, backdoors
4. Maintaining Access - Rootkits, unpatched systems
5. Clearing Tracks - IDS evasion, log manipulation, decoy traffic


Information Gathering

1. Unearth initial information - What/who is the target?
2. Locate the network range - What is the attack surface?
3. Ascertain active machines - What hosts are alive?
4. Open ports / access points - How can they be accessed?
5. Detect operating systems - What platform are they?
6. Uncover services on ports - What software can be attacked?
7. Map the network - Tie it all together, document, and form a strategy.


Web server attack methodology

1. Information gathering
2. Web server footprinting
3. Mirroring
4. Vulnerability scanning
5. Session hijacking
6. Hacking web server passwords


Phases of an outbreak

1. Infection
2. Spreading
3. Attack


Virus Lifecycle

1. Design
2. Replication
3. Launch
4. Detection
5. Incorporation
6. Elimination


Prevention and incident response

1. Detection
2. Notification
3. Assessment
4. Containment
5. Eradication
6. Reconstitution
7. Lessons learnt

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License