CAPEC-292 Detail

Host Discovery

Standard Communications Software Typical Severity: Low

Parents: 169

Children: 285 294 295 296 297 298 299 612 613 618 619

Threats: T60 T65 T80 T105 T258 T273 T288 T291 T302 T334 T392 T407

Tools: 5

Description

An adversary sends a probe to an IP address to determine if the host is alive. Host discovery is one of the earliest phases of network reconnaissance. The adversary usually starts with a range of IP addresses belonging to a target network and uses various methods to determine if a host is present at that IP address. Host discovery is usually referred to as 'Ping' scanning using a sonar analogy. The goal is to send a packet through to the IP address and solicit a response from the host. As such, a 'ping' can be virtually any crafted packet whatsoever, provided the adversary can identify a functional host based on its response. An attack of this nature is usually carried out with a 'ping sweep,' where a particular kind of ping is sent to a range of IP addresses.
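Because a "ping" can be any packet type, a sweep is easier to recognise by its fan-out (one source touching many distinct addresses in a short time) than by its protocol. The following detection sketch is an added example, not part of the CAPEC entry; the flow-record layout, the documentation-range addresses, the 10-second window and the threshold of 15 hosts are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def sample_flows():
    """Constructed flow records: (timestamp, source, destination, probe type)."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    kinds = ["icmp-echo", "tcp-syn/443", "tcp-ack/80", "udp/53"]
    flows = []
    # One source probing 20 neighbouring addresses with mixed probe types.
    for i in range(20):
        flows.append((t0 + timedelta(milliseconds=200 * i), "198.51.100.7",
                      f"192.0.2.{i + 1}", kinds[i % len(kinds)]))
    # An ordinary client talking repeatedly to the same two servers.
    for i in range(30):
        flows.append((t0 + timedelta(seconds=i), "192.0.2.50",
                      f"192.0.2.{200 + i % 2}", "tcp-syn/443"))
    return sorted(flows)


def detect_sweeps(flows, window=timedelta(seconds=10), threshold=15):
    """Return {source: peak distinct destinations within `window`} for every
    source that reaches `threshold`. The probe type is deliberately ignored,
    so ICMP, TCP and UDP probes all count toward the same sweep."""
    recent = defaultdict(deque)  # source -> (timestamp, destination) in window
    alerts = {}
    for ts, src, dst, _kind in flows:
        q = recent[src]
        q.append((ts, dst))
        # Drop observations that have aged out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= threshold:
            alerts[src] = max(alerts.get(src, 0), distinct)
    return alerts


if __name__ == "__main__":
    for src, n in detect_sweeps(sample_flows()).items():
        print(f"possible ping sweep: {src} probed {n} distinct hosts in 10s")
```

A sweep paced slower than the window stays under the threshold, so in practice the window and threshold are tuned against the network's normal fan-out, or a longer window is run alongside the short one.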


| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-292 | capec | https://capec.mitre.org/data/definitions/292.html | |
| CWE-200 | cwe | http://cwe.mitre.org/data/definitions/200.html | |
| T1018 | ATTACK | https://attack.mitre.org/wiki/Technique/T1018 | Remote System Discovery |
| REF-33 | reference_from_CAPEC | | Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed: Network Security Secrets & Solutions (6th Edition), 2009, McGraw Hill |
| REF-34 | reference_from_CAPEC | | Gordon "Fyodor" Lyon, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (3rd "Zero Day" Edition), 2008, Insecure.com LLC, ISBN: 978-0-9799587-1-7 |


  1. The adversary requires logical access to the target network in order to carry out host discovery.
  1. The resources required will differ based upon the type of host discovery being performed. Usually a network scanning tool or scanning script is required due to the volume of requests that must be generated.


| Authorization | Access Control | Confidentiality |
|---|---|---|
| Bypass Protection Mechanism | Bypass Protection Mechanism | Other |
| Hide Activities | Hide Activities | Bypass Protection Mechanism |
| | | Hide Activities |
