TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Proxy/protocol relays
Proxy/protocol relays
Proxies act as an intermediary for clients seeking resources from other systems. Using a proxy may make it more difficult to track back the origin of a network communication. [1]
ID: T1304
Sub-techniques:
No sub-techniques
Tactic:
Adversary Opsec
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Defenders with standard capabilities will traditionally be able to see the first hop but not all the subsequent earlier hops an adversary takes to be able to conduct reconnaissance.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Proxies are readily available for the adversary with both free and cost-based options available.
References
- Mandiant. (n.d.). APT1: Exposing One of China’s Cyber Espionage Units. Retrieved March 5, 2017.
×