CAPEC-307: TCP RPC Scan
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
An adversary scans for RPC services listing on a Unix/Linux host.
执行流程
步骤 1 Experiment
An adversary sends RCP packets to target ports.
步骤 2 Experiment
An adversary uses the response from the target to determine which, if any, RPC service is running on that port. Responses will vary based on which RPC service is running.
前提条件
- RPC scanning requires no special privileges when it is performed via a native system utility.
所需资源
- The ability to craft custom RPC datagrams for use during network reconnaissance via native OS utilities or a port scanning tool. By tailoring the bytes injected one can scan for specific RPC-registered services. Depending upon the method used it may be necessary to sniff the network in order to see the response.
后果影响
影响范围: Confidentiality
技术影响: Other
影响范围: Confidentiality Access Control Authorization
技术影响: Bypass Protection Mechanism
缓解措施
Typically, an IDS/IPS system is very effective against this type of attack.