CAPEC-580: System Footprinting
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will rely on remote applications that can be probed for system configurations.
前提条件
- The adversary must have logical access to the target network and system.
所需技能
后果影响
影响范围: Confidentiality
技术影响: Read Data
缓解措施
Keep patches up to date by installing weekly or daily if possible.
Identify programs that may be used to acquire peripheral information and block them by using a software restriction policy or tools that restrict program execution by using a process allowlist.
分类映射
| 分类名称 | 条目ID | 条目名称 |
|---|---|---|
| ATTACK | 1082 | System Information Discovery |