Map network topology

From pre-attack
Jump to: navigation, search


Map network topology
Technique
ID PRE-T1029
Tactic Technical Information Gathering

Definition

A network topology is the arrangement of the various elements of a network (e.g., servers, workstations, printers, routers, firewalls, etc.). Mapping a network allows an adversary to understand how the elements are connected or related.12

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Various available tools and data sources for scouting and detecting network topologies.

Detection

Detectable by Common Defenses (Yes/No/Partial): Yes

Explanation: Network mapping techniques/tools typically generate benign traffic that does not require further investigation by a defender since there is no actionable defense to execute. Defender review of access logs may provide some insight based on trends or patterns.


References

  1. ^  [A Shodan Tutorial and Primer Daniel Miessler. (n.d.). A Shodan Tutorial and Primer. Retrieved April 2, 2017.]