Investigation of Cyberattack and Intrusion: Methods and Tool


Əliyeva T.

in: Mastering Intrusion Detection for Cybersecurity, Dr. Akashdeep Bhardwaj, Editor, Intechopen, Rijeka, pp.1-20, 2025

  • Publication Type: Book Chapter / Chapter Other Book
  • Publication Date: 2025
  • Publisher: Intechopen
  • City of Publication: Rijeka
  • Pages: pp.1-20
  • Editors: Dr. Akashdeep Bhardwaj, Editor
  • Open Archive Collection: Article
  • Address: Yes

Abstract



Today, with the widespread use of cloud and web technologies, mobile and sensor environments, social networks, and online banking, cybersecurity is developing as a scientific field of interest to a large number of researchers. The rapid daily increase in Internet use makes the analysis and solution of problems related to detecting intrusions into workstations or servers even more relevant. To ensure the confidentiality, integrity, and availability of data, vulnerabilities that could allow a successful attack on servers must be eliminated in a timely manner. The risks and consequences of vulnerabilities arising from the disruption of the function of the Server Message Block (SMB) protocol can significantly affect the security status of an organization. In this study, the Fake SMB Server Attack process, as a means of capturing confidential information by taking advantage of the security vulnerabilities of Active Directory (AD), is studied using the Metasploit Framework tool, and network traffic is analyzed using the Cyber Kill Chain (CKC) method. Following the recommendations given at the end of the section will help significantly reduce the risk of successful attacks by attackers who intrude into workstations and servers.