System Network Connections Discovery (Windows)

Description

Adversaries may attempt to get a listing of network connections to or from the compromised system they are currently accessing or from remote systems by querying for information over the network.

Products, Sensors, and Dependencies

Product	Dependencies	Data source	Access required	Protocol	Data Collected	Notes
Tenable.io	Advanced Network Scan	Windows machines	Authenticated Scan	OS Command	Computer Connectivity	Plugin ID: 64582

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Discovery

Technique: System Network Connections Discovery

Sub-Technique: System Network Connections Discovery

Platform: Windows

Products Required: Tenable.io

Tenable Release Date: 2022 Q4

Detections

Analytics

System Network Connections Discovery (Windows)

Description

Products, Sensors, and Dependencies

Attack Path Technique Details