ATT&CK 기법 · Command and Control
Non-Standard Port T1571
이 기법을 다룬 REVELARE 한국어 위협 분석 1편 · Command and Control
이 기법을 다룬 분석
MITRE 공식 정의
Adversaries may communicate using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088(Citation: Symantec Elfin Mar 2019) or port 587(Citation: Fortinet Agent Tesla April 2018) as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data. Adversaries may also make changes to victim systems to abuse non-standard ports. For …
플랫폼: ESXi, Linux, macOS, Windows