TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Analyze hardware/software security defensive capabilities
Analyze hardware/software security defensive capabilities
An adversary can probe a victim's network to determine configurations. The configurations may provide opportunities to route traffic through the network in an undetected or less detectable way. [1]
ID: T1294
Sub-techniques:
No sub-techniques
Tactic:
Technical Weakness Identification
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: This can be done offline after the data has been collected.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Analyze network traffic to determine security filtering policies, packets dropped, etc.
References
- InfoSec Institute. (2014, June 19). What You Must Know About OS Fingerprinting. Retrieved March 1, 2017.
×