Focus on IDS
Single Stage Attacks? May 17 2009 06:39AM
snort user (snort user gmail com) (3 replies)
Re: Single Stage Attacks? May 20 2009 04:47PM
Stuart Staniford (sstaniford FireEye com)
Re: Single Stage Attacks? May 19 2009 08:22PM
dreamwvr (dreamwvr dreamwvr com)
Re: Single Stage Attacks? May 19 2009 04:33PM
Jamie Riden (jamie riden gmail com)
2009/5/17 snort user <snort.user (at) gmail (dot) com [email concealed]>:
> Greetings All,
>
> Typically, network based attacks have multiple stages.
> (reconnaissance, infection, download rootkit, call home, further infection etc)
>
> Some attacks may have a single stage (without reconnaissance) to
> compromise a host.
> However, even those attacks have a post-compromise stage, such as call home
> or transfer/steal data or something else.
> Otherwise, what's the motivation for compromising in the first place?
>
> Can someone enlighten me if there are attacks that only have a single stage?
> Examples or scenarios is much appreciated.

SQL Slammer.

(stage 2 - if there was one - was just stage 1, but outgoing instead
of incoming, so not really separate in my opinion)

cheers,
Jamie
--
Jamie Riden / jamesr (at) europe (dot) com [email concealed] / jamie (at) honeynet.org (dot) uk [email concealed]
http://www.ukhoneynet.org/members/jamie/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus