Quote:
Footprinting
Objective
Target address range, namespace acquisition, and gathering information are essential to a surgical attack. The key is not to miss any detail.
Techniques
Open source search
Whois
Web interface whois
DNS zone transfer
Scanning
Objective
Bulk target assessment and identification of listening services focus the attacker's attention on the most promising avenues for entry.
Techniques
Ping sweep
TCP/UDP port scan
OS detection
Enumeration
Objective
More intrusive probing now begins as attackers begin to identify valid user accounts or poorly protected resource shares.
Techniques
List of user accounts
List of share files
Identify applications
Gaining access
Objective
Enough data has been collected to allow an informed attempt to access the target.
Techniques
Password eavesdropping
File share brute forcing
Password file grab
Buffer overflows
Note: this can go straight to DoS attacks after this step, or they may continue on down the chain.
Escalating privilege
Objectives
If only user-level access has been obtained in the last step, the attacker will now seek to gain complete control over the system.
Techniques
Password cracking
Known exploits
Pilfering
Objectives
The information gathering process begins to identify access to trusted systems.
Techniques
Evaluate trusts
Search for clear text passwords
Covering tracks
Objectives
Once total ownership of the target is secured, hiding this fact from the systems administrator becomes paramount.
Techniques
Clear logs
Hide tools
Create back doors
Objectives
To ensure that the intruder has privileged access whenever they choose.
Techniques
Create rogue user accounts
Schedule batch jobs
Infect start up files
Plant RATs
Install monitoring systems
Replace apps with trojans
Denial of service
Objective
If the attacker is unsuccessful in gaining access, they may use readily available exploit code to disable the target as a last resort.
Techniques
SYN flood
ICMP techniques
Identical src/dst SYN requests
Overlapping fragment/offset bugs
Out of bounds TCP options (OOB)
DDoS
As I say, this is right from the book, but it is useful information to have at hand; knowing the anatomy of the hack will allow you to protect your systems better. I have not included the listing of the tools used, as I do not wish to pass information of that nature on; anyone interested should go Google. If you use this information in any way, I take no responsibility for any action you take or any action taken against you.