Constructing an “Attack Path”
You have now considered many methods of obtaining information about a host that might have launched an attack. So what? The next and final section of this chapter deals with piecing together all the information you obtain to construct an “attack path.”
What Is an Attack Path?
An attack path is a model of the network or possibly the telecommunications route used to launch an attack. In other words, if during the time of a certain attack a certain victim host had a connection with another host to which another host was connected, the trail of the attack could be constructed.
Constructing an Attack Path
After someone has a reasonable amount of information about the nature of the attacks and the potential source IP ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.