Phases of a computer attack
Phase 1 - Reconnaissance
Phase 2 - Scanning
Phase 3 - Gaining Access
Phase 4 - Maintaining access
Phase 5 - Covering Tracks
Phase 1: Passive and Active Reconnaissance
Passive reconnaissance: This is the process of scouting out a company or individuals knowledge and processes, such as finding out when employees come in to work and leave work. It can also be the result of researching the company through the internet via search engines.
This is a more intrusive part of reconnaissance than the passive way and has a much higher risk of being detected.
Phase 2: Scanning
This is the process of using the information discovered in the reconnaissance stage and using programs such as port scanners, network mappers, and sweepers. This can result in getting information such as the user accounts, IP addresses and computer names.
Phase 3: Gaining Access
This is the phase where you are taking the information gathered from the reconnaissance and scanning phase, the information gathered is used to exploit vulnerabilities in the network to gain access. There are several ways to do this such as either a wired or wireless LAN connection, physically using a computer on the network, or over the internet.
Phase 4: Maintaining Access
Once a hacker has gained access to the system they need to make sure they can continue to access it, this can be done by backdoors, rootkits, and trojans.
Phase 5: Covering Tracks
Once the hacker has secured his access he must make sure that no one will be able to detect he is there or ever was there. This is done by deleting log files or any other cached files.