test_scratch
/
cti-ATT-CK-v13.1
/capec
/2.1
/attack-pattern
/attack-pattern--12d80b47-8e4c-4646-bcc3-2bd7059a44e1.json
| { | |
| "id": "bundle--d78ba103-338b-462f-a8db-153e92284a36", | |
| "objects": [ | |
| { | |
| "created": "2014-06-23T00:00:00.000Z", | |
| "created_by_ref": "identity--e50ab59c-5c4f-4d40-bf6a-d58418d89bcd", | |
| "description": "This type of operating system probe attempts to determine an estimate for how predictable the sequence number generation algorithm is for a remote host. Statistical techniques, such as standard deviation, can be used to determine how predictable the sequence number generation is for a system. This result can then be compared to a database of operating system behaviors to determine a likely match for operating system and version.", | |
| "external_references": [ | |
| { | |
| "external_id": "CAPEC-324", | |
| "source_name": "capec", | |
| "url": "https://capec.mitre.org/data/definitions/324.html" | |
| }, | |
| { | |
| "external_id": "CWE-200", | |
| "source_name": "cwe", | |
| "url": "http://cwe.mitre.org/data/definitions/200.html" | |
| }, | |
| { | |
| "description": "Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed: Network Security Secrets & Solutions (6th Edition), 2009, McGraw Hill", | |
| "external_id": "REF-33", | |
| "source_name": "reference_from_CAPEC" | |
| }, | |
| { | |
| "description": "Defense Advanced Research Projects Agency Information Processing Techniques Office, Information Sciences Institute University of Southern California, RFC793 - Transmission Control Protocol, 1981--09, Defense Advanced Research Projects Agency (DARPA)", | |
| "external_id": "REF-128", | |
| "source_name": "reference_from_CAPEC", | |
| "url": "http://www.faqs.org/rfcs/rfc793.html" | |
| }, | |
| { | |
| "description": "Gordon \"Fyodor\" Lyon, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (3rd \"Zero Day\" Edition,), 2008, Insecure.com LLC", | |
| "external_id": "REF-212", | |
| "source_name": "reference_from_CAPEC" | |
| }, | |
| { | |
| "description": "Gordon \"Fyodor\" Lyon, The Art of Port Scanning (Volume: 7, Issue. 51), Phrack Magazine, 1997", | |
| "external_id": "REF-130", | |
| "source_name": "reference_from_CAPEC", | |
| "url": "http://phrack.org/issues/51/11.html" | |
| } | |
| ], | |
| "id": "attack-pattern--12d80b47-8e4c-4646-bcc3-2bd7059a44e1", | |
| "modified": "2018-07-31T00:00:00.000Z", | |
| "name": "TCP (ISN) Sequence Predictability Probe", | |
| "object_marking_refs": [ | |
| "marking-definition--17d82bb2-eeeb-4898-bda5-3ddbcd2b799d" | |
| ], | |
| "spec_version": "2.1", | |
| "type": "attack-pattern", | |
| "x_capec_abstraction": "Detailed", | |
| "x_capec_child_of_refs": [ | |
| "attack-pattern--6227a1fc-7504-4a5f-b5b2-4c4f1fe38617" | |
| ], | |
| "x_capec_consequences": { | |
| "Access_Control": [ | |
| "Bypass Protection Mechanism", | |
| "Hide Activities" | |
| ], | |
| "Authorization": [ | |
| "Bypass Protection Mechanism", | |
| "Hide Activities" | |
| ], | |
| "Confidentiality": [ | |
| "Read Data", | |
| "Bypass Protection Mechanism", | |
| "Hide Activities" | |
| ] | |
| }, | |
| "x_capec_domains": [ | |
| "Software" | |
| ], | |
| "x_capec_likelihood_of_attack": "Medium", | |
| "x_capec_prerequisites": [ | |
| "The ability to monitor and interact with network communications.Access to at least one host, and the privileges to interface with the network interface card." | |
| ], | |
| "x_capec_resources_required": [ | |
| "A tool capable of sending and receiving packets from a remote system." | |
| ], | |
| "x_capec_status": "Stable", | |
| "x_capec_typical_severity": "Low", | |
| "x_capec_version": "3.9" | |
| } | |
| ], | |
| "type": "bundle" | |
| } |