| Name |
System Footprinting |
|
| Likelyhood of attack |
Typical severity |
| Low |
Low |
|
| Summary |
An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will rely on remote applications that can be probed for system configurations. |
| Prerequisites |
The adversary must have logical access to the target network and system. |
| Solutions | Keep patches up to date by installing weekly or daily if possible. Identify programs that may be used to acquire peripheral information and block them by using a software restriction policy or tools that restrict program execution by using a process allowlist. |
| Related Weaknesses |
|
CWE ID
|
Description
|
| CWE-204 |
Observable Response Discrepancy |
| CWE-205 |
Observable Behavioral Discrepancy |
| CWE-208 |
Observable Timing Discrepancy |
|
| Related CAPECS |
|
CAPEC ID
|
Description
|
| CAPEC-169 |
An adversary engages in probing and exploration activities to identify constituents and properties of the target. |
|
| Taxonomy: ATTACK |
|
Entry ID
|
Entry Name
|
| 1082 |
System Information Discovery |
|