| ID | Name |
|---|---|
| ATAGS-T1173.001 | SNMP (MIB Dump) |
| ATAGS-T1173.002 | Network Device Configuration Dump |
Threat Actors may access network configuration files to collect sensitive data about the device and the network. The network configuration is a file containing parameters that determine the operation of the device. The device typically stores an in-memory copy of the configuration while operating, and a separate configuration on non-volatile storage to load after device reset. Threat Actors can inspect the configuration files to reveal information about the target network and its layout, the network device and its software, or identifying legitimate accounts and credentials for later use.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.