- Passive :- It can simply be browsing the web, collecting information, try directory browsing.
- Active :- This is going to be a major part of this phase, where we use network tools, identify weakness in the company.
2. Vulnerability/Scanning :- Network scanning is a procedure for identifying active hosts on a network, either for the purpose of attacking them or for network security assessment. In scanning phase we identify the potential weaknesses like open ports, using scanning tools such as NMAP.
3. Penetration / Gaining Access :- For example if the connection is not secure, anyone can use a packet sniffer and snatch passwords right off the air.
4. Maintaining Access :- Once we gain access, then create another account with domain level account privileges if root is known. Also we can install Trojan horse program or backdoors to maintain access.
5. Covering Tracks :- This is the last & final stage where a hacker covers the track of any records or logs showing his malicious behavior. Because in reality if the IT department found out that a hacker is trying to access their network, they would shutdown the IP address, and try to identify some other things about the attack.
No comments:
Post a Comment