* Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack. It involves network scanning either external or internal without authorization *
Business Risk - To see if someone is watching and responding. Could be future point of return when noted for ease of entry for an attack when more is known on a broad scale about the target.
*
Passive reconnaissance involves monitoring network data for patterns and clues.
o
Examples include sniffing, information gathering etc.
*
Active reconnaissance involves probing the network to detect
o
accessible hosts
o
open ports
o
location of routers
o
details of operating systems and services
0 comments:
Post a Comment