21
Human Hacker – Log Example
| Uses a browser…. |
||
| And scanning
tools – tailor made automatic tools….. |
||
| Password
grinding, cookie collecting/spoofing |
||
| Will usually
start with automatic scanner to see what is available, fast |
||
| And home made
tools…. |
||
| May use several
IPs, hide behind a proxy server |
||
| Manual methods – |
||
| typically using
a browser |
||
| Manual phase is “sparse” –see attacks once a
minute or so, interwoven with “normal” browsing |
||
| Application
specific attacks |
||
| A lot of
experimenting |
||
| Anti-IDS
techniques |
||
| Long process –
can take days – but has the time…… |
||