
Lifecycle of an attack

-Apoorva Srinivasan

Lifecycle of an attack
- Probing
- Penetrate
- Persist
- Propagate
- Paralyze

Probing
The attacker first explores the target and looks for vulnerabilities in the system. The common methods for doing this are:

- Scanning ports/IPs and checking for open ports. A tool used for this is nmap.
- Guessing users and passwords: guessing some common users that are created for special purposes.
- Running traceroute: prints the route packets take to a network host.
- Exploiting the bugs/loopholes of the target software.
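Seen from the defender's side, the first two probing methods leave a recognisable trace: one source touching many distinct ports, or failing logins for many distinct usernames, in a short time. The following is an added example, not part of the original slides; the log format, the sample events, the thresholds and the name detect_probing are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs); the line format is an assumption.
SAMPLE_LOG = """\
2024-05-01T10:00:00 CONN src=203.0.113.7 dport=21
2024-05-01T10:00:01 CONN src=203.0.113.7 dport=22
2024-05-01T10:00:01 CONN src=203.0.113.7 dport=23
2024-05-01T10:00:02 CONN src=203.0.113.7 dport=80
2024-05-01T10:00:02 CONN src=203.0.113.7 dport=443
2024-05-01T10:00:05 CONN src=198.51.100.9 dport=443
2024-05-01T10:01:00 AUTHFAIL src=192.0.2.44 user=admin
2024-05-01T10:01:02 AUTHFAIL src=192.0.2.44 user=guest
2024-05-01T10:01:03 AUTHFAIL src=192.0.2.44 user=test
2024-05-01T10:01:05 AUTHFAIL src=192.0.2.44 user=backup
2024-05-01T10:20:00 AUTHFAIL src=198.51.100.9 user=alice
2024-05-01T10:45:00 CONN src=198.51.100.9 dport=22
"""

LINE = re.compile(r"^(\S+) (CONN|AUTHFAIL) src=(\S+) (?:dport|user)=(\S+)$")

def detect_probing(log_text, window=timedelta(seconds=60), min_ports=5, min_users=4):
    """Return {src: [findings]} for sources that, inside one time window,
    touch >= min_ports distinct ports ("port-scan") or fail logins for
    >= min_users distinct usernames ("user-guessing")."""
    events = defaultdict(list)                 # (src, kind) -> [(time, value)]
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue                           # ignore lines that do not parse
        ts, kind, src, value = m.groups()
        events[(src, kind)].append((datetime.fromisoformat(ts), value))
    findings = defaultdict(set)
    for (src, kind), evts in events.items():
        evts.sort()
        limit, label = (min_ports, "port-scan") if kind == "CONN" else (min_users, "user-guessing")
        start = 0
        for end in range(len(evts)):
            while evts[end][0] - evts[start][0] > window:
                start += 1                     # slide the window's left edge forward
            if len({v for _, v in evts[start:end + 1]}) >= limit:
                findings[src].add(label)
                break
    return {src: sorted(labels) for src, labels in findings.items()}

if __name__ == "__main__":
    print(detect_probing(SAMPLE_LOG))
```

Counting distinct ports and usernames, rather than raw events, keeps a busy but ordinary client such as 198.51.100.9 in the sample from being flagged.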

Penetrate


An attempt to get into the target system by exploiting the vulnerabilities found. The methods used are:

- Buffer overflows: overflowing the system stack/heap either to crash the account (DoS) or to get control of the execution.
- Email attachments: sending an executable via attachment.
- Back doors and Trojans: backdoors are an unauthorized or secret entry that bypasses all kinds of security.
- Java applets & ActiveX controls: accessing full Windows system information via an ActiveX control. Can be developed in any language.
- Brute force attacks: trying all combinations of passwords to log in.

Persist
The attacker makes changes to the target system to weaken the existing security settings or to install new services, by:

- Creating or modifying files
- Weakening registry strings
- Installing new services
- Registering trap doors

Propagating
The virus can then be transferred to other communicating machines in many ways:

- Email: e.g. automatically forwarding the virus to all the contacts in the address book.
- Internet connections
- FTP
- Infected file shares

Paralyzing
Since the attacker now has access to the target system, the final stage depends on the attacker and what damage he wants to do. Some things it may include:

- Reading or corrupting confidential data
- Formatting the disk
- Crashing the system
- Remove all the security


Thank you
