ATT&CK 기법 · Discovery
System Network Connections Discovery T1049
이 기법을 다룬 REVELARE 한국어 위협 분석 1편 · Discovery
이 기법을 다룬 분석
MITRE 공식 정의
Adversaries may attempt to get a listing of network connections to or from the compromised system they are currently accessing or from remote systems by querying for information over the network. An adversary who gains access to a system that is part of a cloud-based environment may map out Virtual Private Clouds or Virtual Networks in order to determine what systems and services are connected. The actions performed are likely the same types of discovery techniques dependin…
플랫폼: ESXi, IaaS, Linux, macOS, Network Devices, Windows