Advantages of Network Vulnerability Testing with Metasploit
Introduction
Metasploit offers a wealth of security information. It's not just about exploits it's a complete framework for network security. Most users' experience with Metasploit involves targeting a specific machine with a specific vulnerability for purposes like penetration testing, but these users never consider employing Metasploit in a wide-scale manner or using it for mass scanning and exploitation. There is currently no shortage of tools that enable administrators to scan a wide range of network devices and report any vulnerabilities or security relevant misconfigurations found. Tools that perform are called vulnerability scanners. Metasploit offers something most of these scanners do not, however: the ability to be 100 percent sure a vulnerability is exploitable.
| Metasploit vulnerability assessment |
Vulnerability Scanning
The way a typical vulnerability scanner works is that the scanner's maker looks at the unique characteristics of a vulnerability and attempts to find a way that the presence of the vulnerability can be verified. Due to reliability concerns launching an exploit is reserved as a last resort, if at all. This is done be evaluating what is required to exploit the vulnerability, what conditions must be met, if any setup of sessions is required, and then analyzing the results.
A process or service may behave differently if it is vulnerable to an attack than if it's not. This could be determined by looking at things like return traffic from the process. A buffer overflow in a mail server is a perfect illustration of the difference between a patched service and an unpatched service.
Subscribe To
Posts
Comments
0 Comments:
Post a Comment