Computer Forensic Investigation – Phases of a Crime

Network enumeration – Research the target.

Vulnerability analysis – Detect how to attack the target.

Exploitation – Compromise the system.

A Standard Intrusion Scenario

Reconnaissance – Network enumeration and vulnerability analysis.

Exploitation – The intruder launches their attack.

Reinforcement – The intruder escalates privileges, imports tools onto the victim, and hides their presence. They may even patch the vulnerability to keep other hackers out of their “territory”.

Consolidation – The intruder verifies the reliability of the attack, then “runs silently” by not connecting to the victim for some length of time.

Pillage – The intruder executes their ultimate plan.