MetaSploit Shell Detection

medium Nessus Network Monitor Plugin ID 3685


The remote host is running software that should be authorized with respect to corporate policy.


The remote server is running a MetaSploit Framework server. Metasploit allows users to automatically exploit and backdoor vulnerable applications via the network.
Further, the Metasploit shell server is bound to a non-localhost socket. This allows users to connect to the shell and run exploits from the server. You should ensure that this application can only be accessed by trusted security staff.


Ensure that this application is authorized according to corporate policies and guidelines.

See Also

Plugin Details

Severity: Medium

ID: 3685

Family: Policy

Published: 7/12/2006

Updated: 1/15/2016