CAPEC-169

Meta Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Stable MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: High Severity: Very Low
Footprinting

Description

An adversary engages in probing and exploration activities to identify constituents and properties of the target.

Prerequisites

An application must publicize identifiable information about the system or application through voluntary or involuntary means. Certain identification details of information systems are visible on communication networks (e.g., if an adversary uses a sniffer to inspect the traffic) due to their inherent structure and protocol standards. Any system or network that can be detected can be footprinted. However, some configuration choices may limit the useful information that can be collected during a footprinting attack.

Mitigations

Keep patches up to date by installing weekly or daily if possible.

Shut down unnecessary services/ports.

Change default passwords by choosing strong passwords.

Curtail unexpected input.

Encrypt and password-protect sensitive data.

Avoid including information that has the potential to identify and compromise your organization's security such as access to business plans, formulas, and proprietary documents.

Skills Required

[Low] The adversary knows how to send HTTP request, run the scan tool.