Methods of attack

Any attack will have a number of stages and it is important that an administrator both knows and understands these states in order to be able to;

1. mitigate attacks before they cause damage,
2. log an evidence trail for possible prosecution use
3. defend against possible attacks against the organization.

It should be possible to stop all attacks from unskilled attackers and to make it infeasible for skilled attackers to spend time on your systems.

An understanding of how an attacker thinks is essential to this process.

The attack process follows the standard pattern.

Phase 1 - Recon or Information Collection
This stage consists of several parts.

• Unobtrusive Public Research
• Social Engineering
• Scanning
• System break-ins

Phase 2 - extending access
In this phase we see:

• Pivot systems for more attacks
• Extend Access (e.g. using a Trojan
• Privilege escalation
• DoS / DDoS attacks

To be continued soon…