COEN 252. Security Threats. Network Based Exploits. Phases of an Attack Reconnaissance Scanning Gaining Access Expanding Access Covering Tracks. Reconnaissance. Social Engineering “I cannot access my email. What do I do?” Dumpster Diving (especially useful when people move)
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Phases of an Attack
Once we have a target, we need to get to know it better.
Purpose: Find a modem connection.
(Uses traceroute and other tools to map a network.)
Cheops et Co. are the reason that firewalls intercept pings.
After successful intrusion, an attacker should:
C:\ nc -1 –p 12345 –e cmd.sh
A backdoor built as a Trojan of system executables such as ipconfig.
Changes the OS, not only system executables.
Study by Sarah Gordon, IBM, in Beiser, Vince, “Inside the Virus Writer’s Mind”