45 Cards in this Set
- Front
- Back
Wireless Targeting Methodology |
Gather Intelligence: Survey / Collection; Analysis / Report; Target Nomination; Intel Gain / Loss Assessment; CNE; CNA; Kill / Capture - Find Fix |
|
Which 2 methodologies will be done most of the time |
Gather Intelligence: Survey / Collect; Analysis / Report |
|
CNE |
Computer Network Exploitation |
|
CNA |
Computer Network Attack |
|
A brand-new analyst should gather as much intelligence as possible from every available source |
Initial Intel Dump |
|
This mission is done by traveling a route and sampling all the signals encountered so the analysts can identify networks and clients |
Survey |
|
Focus of this is to get as much info about every available wireless network as possible |
Surveys |
|
Surveys use this type of antenna |
omnidirectional |
|
A GPS receiver should be used to tag the location of each frame, but remember this... |
It tells the location of the collection system, not the AP |
|
What a survey focuses on to identify links |
Management frames, which help identify nodes and links |
|
Identify Nodes by |
SSIDs, BSSIDs, client MAC addresses, IP addresses |
|
Three attributes of a good static collection site |
Strong Receive Signal, Stealth, Safety |
|
Use of what increases the minimum distance needed from the target |
Directional Antennas, Amplifiers |
|
They often use the same hardware and software for survey and collection. The team should use one collection device dedicated to each of the target's transmission channels |
Collector Directed to one specific target |
|
The goal of this is to identify networks |
Surveys |
|
Goal of this is to record specific intelligence from targets |
Collection |
|
This occurs each time intel is received |
Analysis |
|
Enumerating all devices, identifying vulnerabilities in APs or client Internet browsers, and gathering authenticated MAC addresses for spoofing later on are preparation for this type of mission |
CNE (Computer Network Exploitation) |
|
HVT |
High Value Target |
|
POL |
Pattern of Life |
|
Building up a portfolio against a High Value Target (HVT), focusing on Pattern of Life (POL) development, is the goal of this type of mission |
Collection Mission |
|
Analysts should ask this list of questions |
What do I know? What else do I need to know? Who do I tell? |
|
Analysts write these up so other analysts can use them |
Reports |
|
Ensure findings are all reported to whom |
Decision Makers |
|
Decision makers make one of four decisions |
1. Continue collection to maintain target awareness. 2. Conduct CNE (Computer Network Exploitation) against the target, active and passive. 3. Conduct CNA (Computer Network Attack). Disrupting, denying, degrading, or destroying target systems and/or their ability to communicate with each other will consequently affect opportunities for continued collection. 4. Conduct a kill/capture operation against the target. |
|
Software-generated picture that correlates the signal strength of emitters at each GPS location |
Heat Map |
|
DF |
Direction Finding |
|
Identifies the direction from which it is receiving the most RF energy from a given signal on a particular frequency. |
Direction Finding Equipment |
|
LOB |
Line of Bearing |
|
Each reading on DF equipment is this. They do not provide any reliable measurement of the distance to the emitter |
LOB (Line of Bearing) |
|
Describes the act of determining an object's real-world position |
Geolocation |
|
They use algorithms to compute a location of the emitter, usually a coordinate. More accurate than DF equipment |
Geolocation systems |
|
These operations are extremely risky to the lives of personnel. |
Find - Fix |
|
Network Reconstruction Methodology Steps |
1. Define the Target Network 2. IP to MAC List, MAC to IP 3. Determine Type of Device 4. Enumerate Devices |
|
Define the Target |
Focus on Beacons and DHCP - Offer or ACKs |
|
Determine Type of Device |
Focus on MACs; Multicast MACs - first octet ends in an odd number; AP - source of the beacons, BSSID |
|
Possible OS by TTL |
64 - Probable Unix, Linux, Mac OS; 128 - Probable Windows OS; 255 - Probable Cisco Router |
|
Key Enumeration Values for Windows |
Windows NT 5.0 - Windows 2000; Windows NT 5.1 - Windows XP; Windows NT 5.2 - Windows 2003; Windows NT 6.0 - Windows Vista; Windows NT 6.1 - Windows 7 or 2008; Windows NT 6.2 - Windows 8 or 2012; Windows NT 6.3 - Windows 8.1 or 2012 R2 |
|
Windows NT 5.0 |
Windows 2000 |
|
Windows NT 5.1 |
Windows XP |
|
Windows NT 5.2 |
Windows 2003 |
|
Windows NT 6.0 |
Windows Vista |
|
Windows NT 6.1 |
Windows 7 or 2008 |
|
Windows NT 6.2 |
Windows 8 or 2012 |
|
Windows NT 6.3 |
Windows 8.1 or 2012 R2 |