← Back to Explore
T1071.002
File Transfer Protocols
Adversaries may communicate using application layer protocols associated with transferring files to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server. Protocols such as SMB(Citation: US-CERT TA18-074A), FTP(Citation: ESET Machete July 2019), FTPS, and TFTP that transfer files may be very common in environments. Packets produce...
ESXiLinuxmacOSNetwork DevicesWindows
1
Detections
1
Sources
4
Threat Actors
BY SOURCE
1splunk_escu
PROCEDURES (1)
Network Connection Monitoring1 detections
Auto-extracted: 1 detections for network connection monitoring