Constructing an “Attack Path”

You have now considered many methods of obtaining information about a host that might have launched an attack. So what? The next and final section of this chapter deals with piecing together all the information you obtain to construct an “attack path.”

What Is an Attack Path?

An attack path is a model of the network or possibly the telecommunications route used to launch an attack. In other words, if during the time of a certain attack a certain victim host had a connection with another host to which another host was connected, the trail of the attack could be constructed.

Constructing an Attack Path

After someone has a reasonable amount of information about the nature of the attacks and the potential source IP ...

Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.