Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
MITRE ATT&CK Technique
|
| gptkbp:citation |
https://attack.mitre.org/techniques/T1040/
|
| gptkbp:describes |
Adversaries may sniff network traffic to capture information about the target environment, including credentials and other sensitive data.
|
| gptkbp:detects |
Monitor for use of network sniffing tools and unusual network traffic patterns.
|
| gptkbp:example |
gptkb:tcpdump
gptkb:Wireshark gptkb:Ettercap NetworkMiner dsniff |
| https://www.w3.org/2000/01/rdf-schema#label |
T1040
|
| gptkbp:mitigatedBy |
Use encrypted protocols and network segmentation to limit exposure.
|
| gptkbp:partOf |
gptkb:MITRE_ATT&CK_Framework
|
| gptkbp:platform |
gptkb:Windows
gptkb:macOS gptkb:network_protocol gptkb:Linux |
| gptkbp:tactics |
gptkb:Discovery
Credential Access |
| gptkbp:technique |
gptkb:T1040
|
| gptkbp:techniqueName |
Network Sniffing
|
| gptkbp:bfsParent |
gptkb:Freescale_QorIQ_T2
|
| gptkbp:bfsLayer |
7
|