Host Discovery
Attack Pattern ID: 292 (Standard Attack Pattern Completeness: Stub)
Typical Severity: Low
Status: Draft
+ Description

Summary

An attacker sends a probe to an IP address to determine if the host is alive. Host discovery is one of the earliest phases of network reconnaissance. An attacker usually starts with a range of IP addresses belonging to a target network and uses various methods to determine whether a host is present at each IP address. Host discovery is usually referred to as 'ping' scanning, by analogy with sonar. The goal of the attacker is to get a packet through to the IP address and solicit a response from the host. As such, a 'ping' can be virtually any crafted packet, provided the attacker can identify a functional host based on its response. An attack of this nature is usually carried out as a 'ping sweep', in which a particular kind of ping is sent to a range of IP addresses.
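From the defender's side, the sweep described above appears as one source soliciting responses from many distinct addresses in a short time, whatever kind of packet it uses. The following is an added example, not part of the CAPEC entry: a sliding-window detector run over constructed flow records. The log format, addresses, window and threshold are all assumptions.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

def constructed_log():
    """Constructed records: '<timestamp> <src> <dst> <probe-type>'."""
    kinds = ["icmp-echo", "icmp-timestamp", "tcp-syn", "tcp-ack", "udp"]
    # Fast sweep: 20 hosts in 20 seconds, mixing probe types.
    log = [f"2024-01-01T10:00:{i:02d} 203.0.113.5 192.0.2.{i + 1} {kinds[i % 5]}"
           for i in range(20)]
    # Monitoring host: many pings, but only ever to the same two addresses.
    log += [f"2024-01-01T10:00:{i:02d} 198.51.100.7 192.0.2.{1 + i % 2} icmp-echo"
            for i in range(30)]
    # Slow sweep: one new host every five minutes.
    log += [f"2024-01-01T10:{i * 5:02d}:00 198.51.100.9 192.0.2.{i + 1} icmp-echo"
            for i in range(12)]
    return log

def detect_sweeps(lines, window=timedelta(seconds=60), threshold=10):
    """Return {src: peak count of distinct destinations probed inside any
    window} for every source whose peak reaches the threshold."""
    by_src = defaultdict(list)
    for line in lines:
        ts, src, dst, _probe = line.split()
        # The probe type is ignored on purpose: any packet that draws a
        # reply works as a ping, so the signal is fan-out, not protocol.
        by_src[src].append((datetime.fromisoformat(ts), dst))
    flagged = {}
    for src, events in by_src.items():
        events.sort()
        recent, seen, peak = deque(), Counter(), 0
        for ts, dst in events:
            recent.append((ts, dst))
            seen[dst] += 1
            while ts - recent[0][0] > window:   # expire events older than window
                _, old = recent.popleft()
                seen[old] -= 1
                if seen[old] == 0:
                    del seen[old]
            peak = max(peak, len(seen))
        if peak >= threshold:
            flagged[src] = peak
    return flagged

if __name__ == "__main__":
    print("60 s window:", detect_sweeps(constructed_log()))
    print("1 h window: ", detect_sweeps(constructed_log(), window=timedelta(hours=1)))
```

The 60-second window flags only the fast sweep; the slow one is caught only when the window is widened to an hour, which is why sweep detection typically tracks fan-out over more than one time scale.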

+ Target Attack Surface

Target Attack Surface Description

Targeted OSI Layers: Network Layer, Transport Layer

Target Attack Surface Localities

Server-side

Target Attack Surface Types: Network Host

+ Attack Prerequisites

A network capable of routing the attacker's packets to the destination network.

+ Resources Required

The resources required will differ based upon the type of host discovery being performed. Usually a scanner or scanning script is required due to the volume of requests that must be generated.

+ Related Attack Patterns

| Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
|---|---|---|---|---|---|
| ChildOf | Attack Pattern | 309 | Scanning for Devices, Systems, or Routes | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 285 | ICMP Echo Request Ping | | Mechanism of Attack (1000) |
| ParentOf | Deprecated | 288 | ICMP Echo Request Ping | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 294 | ICMP Address Mask Request | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 295 | ICMP Timestamp Request | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 296 | ICMP Information Request | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 297 | TCP ACK Ping | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 298 | UDP Ping | | Mechanism of Attack (1000) |
| ParentOf | Attack Pattern | 299 | TCP SYN Ping | | Mechanism of Attack (1000) |

+ References
Stuart McClure, Joel Scambray, George Kurtz. "Hacking Exposed: Network Security Secrets & Solutions". 6th Edition. McGraw Hill, ISBN: 978-0-07-161374-3. 2009.
Gordon "Fyodor" Lyon. "Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning". 3rd "Zero Day" Edition. Insecure.com LLC, ISBN: 978-0-9799587-1-7. 2008.