Map network topology
|Map network topology|
|Tactic||Technical Information Gathering|
A network topology is the arrangement of the various elements of a network (e.g., servers, workstations, printers, routers, firewalls, etc.). Mapping a network allows an adversary to understand how the elements are connected or related.12
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Various available tools and data sources for scouting and detecting network topologies.
Detectable by Common Defenses (Yes/No/Partial): Yes
Explanation: Network mapping techniques/tools typically generate benign traffic that does not require further investigation by a defender since there is no actionable defense to execute. Defender review of access logs may provide some insight based on trends or patterns.
- [A Shodan Tutorial and Primer Daniel Miessler. (n.d.). A Shodan Tutorial and Primer. Retrieved April 2, 2017.]