CAPEC-292

Host Discovery
Baixa
Stable
2014-06-23
00h00 +00:00
2020-12-17
00h00 +00:00
CAPEC Mitre.org
Alerta para um CAPEC
Fique informado sobre quaisquer alterações para um CAPEC específico.
Gerenciar notificações

Descrições CAPEC

An adversary sends a probe to an IP address to determine if the host is alive. Host discovery is one of the earliest phases of network reconnaissance. The adversary usually starts with a range of IP addresses belonging to a target network and uses various methods to determine if a host is present at that IP address. Host discovery is usually referred to as 'Ping' scanning using a sonar analogy. The goal is to send a packet through to the IP address and solicit a response from the host. As such, a 'ping' can be virtually any crafted packet whatsoever, provided the adversary can identify a functional host based on its response. An attack of this nature is usually carried out with a 'ping sweep,' where a particular kind of ping is sent to a range of IP addresses.

Informações CAPEC

Pré-requisitos

The adversary requires logical access to the target network in order to carry out host discovery.

Recursos Necessários

The resources required will differ based upon the type of host discovery being performed. Usually a network scanning tool or scanning script is required due to the volume of requests that must be generated.

Fraquezas Relacionadas

CWE-ID Nome da Fraqueza

CWE-200

 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Referências

REF-33

Hacking Exposed: Network Security Secrets & Solutions
Stuart McClure, Joel Scambray, George Kurtz.

REF-34

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Gordon "Fyodor" Lyon.

Submissão

Nome Organização Data Data de lançamento
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modificações

Nome Organização Data Comentário
CAPEC Content Team The MITRE Corporation 2015-11-09 +00:00 Updated References
CAPEC Content Team The MITRE Corporation 2018-07-31 +00:00 Updated Attack_Prerequisites, Description Summary, References, Related_Weaknesses, Resources_Required
CAPEC Content Team The MITRE Corporation 2019-04-04 +00:00 Updated Related_Attack_Patterns
CAPEC Content Team The MITRE Corporation 2019-09-30 +00:00 Updated Related_Attack_Patterns
CAPEC Content Team The MITRE Corporation 2020-07-30 +00:00 Updated Taxonomy_Mappings
CAPEC Content Team The MITRE Corporation 2020-12-17 +00:00 Updated Taxonomy_Mappings
As informações apresentadas no CVE Find originam-se de várias fontes de referência cuidadosamente selecionadas. Os dados CVE são fornecidos pela MITRE Corporation e pelo National Vulnerability Database (NVD). O catálogo de Vulnerabilidades Conhecidas Exploradas (KEV) é proveniente da Cybersecurity and Infrastructure Security Agency (CISA), enquanto as pontuações EPSS vêm do FIRST.org. Além disso, os dados sobre fraquezas de software (CWE) e padrões de ataque comuns (CAPEC) são mantidos pela MITRE Corporation, e as informações sobre configurações de hardware e software (CPE) são fornecidas pelo NVD.