network reconnaissance infographic
DESCRIPTION
An infographic supporting the PIANOS: Protecting Information About Networks, the Organisation and It's Systems report I authored with support from my colleagues.TRANSCRIPT
Applied Intelligence
INTERNAL NETWORK RECONNAISSANCE
TARGET INFORMATION OBJECTIVES CRITICAL CONTROLS
IDEAL CONTROLS
Internal Network Reconnaissance is where an attacker enumerates information about a target environment before completing their later objectives in the attack such as elevating their privileges or stealing sensitive information.
Do not underestimate the value of technical information describing your environment and the business information describing your organisation to your attacker.
File Shares
Domain Controllers
User Directories
Proxy Settings
(EXAMPLES)
TAR
GET
ED E
NVI
RO
NM
ENT
INFO
RM
ATIO
NTA
RG
ETED
US
ERIN
FOR
MAT
ION
TAR
GET
ED S
YSTE
MS
INFO
RM
ATIO
NTA
RG
ETED
OTH
ERIN
FOR
MAT
ION
Open Outbound Ports
Logged-in Users
Network Services
Anti-Virus vendors
Backup Files
Organisation Charts
Configuration Management Database
Identify key environment information
Log AnalysisCollection and analysis of system and network logs for security events.
Incident ResponseThe resources and processes to manage and respond to attacks.
Network MonitoringCollection of network traffic in order to identify malicious communications.
Threat IntelligenceCollection, analysis and sharing of attacker data to determine the threat to your environment.
Software InventoryA list of known and approved software within the organisation.
Network DiodeA highly assured uni-directional network flow between two differently trusted networks.
Account MonitoringDetection of attempts to impersonate legitimate users through inactive user accounts.
Behavioural AnalysisThe identification of suspicious patterns of behaviour from network traffic and endpoint activity.
Download of additional tools to collect environment information
Elevate privileges to collect environment information
Lateral movement
Stage environment for exfiltration