So I have been researching different types of command and control servers and the types of protocols they use, e.g. TCP, UDP, ICMP, HTTP and HTTPS, DNS, etc., and I had a question about TCP. When researching the C2 servers APT groups use, I notice that hardly any use just a straight TCP server and client; typically they use HTTP/HTTPS and DNS. What is the problem or drawback with using a TCP server and client as C2 infrastructure? I have been looking at making my own TCP client and server using sockets but don't want to fully dive into something if it is not an effective use of a C2.
from hacking: security in practice https://ift.tt/3o4mIa1