TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Conduct passive scanning
Conduct passive scanning
Passive scanning is the act of looking at existing network traffic in order to identify information about the communications system. [1] [2]
ID: T1253
Sub-techniques:
No sub-techniques
Tactic:
Technical Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Generates no network traffic that would enable detection.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Easy to do but it requires a vantage point conducive to accessing this data.
References
- Jamal Raiyn. (2014). A survey of Cyber Attack Detection Strategies. Retrieved March 5, 2017.
- H. P. Sanghvi and M. S. Dahiya. (2013, February). Cyber Reconnaissance: An Alarm before Cyber Attack. Retrieved March 5, 2017.
×