Notes - MIECT
Segurança Em Redes De Comunicações
Notes - MIECT
Segurança Em Redes De Comunicações
  • Segurança Em Redes De Comunicações
  • Corporate Networks Topics
    • Objectives of Network Design
    • Equipments
    • Hierarchical Network Model
    • Modular Network Design
    • Designing the Access Layer
    • Designing the Core Layer
    • Virtual LANs
      • VLANs on Access Points
    • Spanning Tree Protocol
    • IP Routing Overview
  • Introduction to Network Security
    • Type of Attacks
    • Attacks Phases
      • Infiltration Phase
      • Propagation Phase
      • Aggregation and Exfiltration Phase
    • Defenses
    • Security Metrics
  • Network Access Control
    • AAA Architecture
      • TACACS+
      • RADIUS
      • DIAMETER
    • IEEE 802.11 services
    • Joining a BSS
      • WLAN Frames
      • Joining BSS with AP
    • WPA and 802.11i (WPA2)
  • Network Flow Control
    • Network Security Systems
    • Firewalls
    • High-Availability
    • Load Balancing Firewall Load
    • Best Practices and Recommendations
    • IP Spoofing
    • Half-Open TCP Connection Problem
    • DDoS Mitigation at Source
    • Cisco’s Access Control Lists (ACL)
    • Linux IPTables
    • Control By Analysis of Higher Layers
  • Secure Communications
    • Public Key Infrastructure (PKI)
    • X.509 Certificate Contents
    • Traffic Tunnel Concept
      • Next Hop Resolution Protocol (NHRP)
      • Hub-Spoke vs. Spoke-Spoke
    • IPSec
    • Establishing SA and Cryptographic Keys
    • Virtual Private Networks (VPN)
    • Management of Asymmetric Keys
  • Remote Access
    • Remote Access
    • IPsec NAT Transversal
    • Integration with Flow Control
  • Intrusion Detection and Prevention
    • Intrusion Detection and Prevention
    • Host-Based vs. Network-Based
    • Signature vs. Anomaly Based
    • Network Deployment
  • Network Monitoring SIEM
    • Core and End-to-End Monitoring
    • Node Monitoring
    • End-User/Host/App Monitoring
    • Server/Service/Cloud Monitoring
    • Per-Service Detailed Monitoring
    • Data Sources
      • SNMP
      • NetFlow
    • Network Passive Probing Packet Capturing
    • Remote CLI Access
    • Log Files Access
      • Log Management Systems (LMS)
      • Security Information and Events Management (SIEM)
Powered by GitBook
On this page
  1. Introduction to Network Security
  2. Attacks Phases

Infiltration Phase

Licit machines must be compromised to implement the different attack phases.

  • Ideally in a privileged zone of the network, and/or,

  • With access credentials, and/or,

    • User credentials, address(es), hardware key, etc ...

  • With special software, and/or,

  • Target data.

This may include the installation of software or usage of the licit vulnerable software.

May be remotely controlled (constantly or not).

  • Command and control (C&C).

May have autonomous (AI) bots installed to perform illicit actions.

  • When remote C&C is not possible or subject to easy detection.

PreviousAttacks PhasesNextPropagation Phase

Last updated 2 years ago