MetaSploit Shell Detection
Medium Nessus Network Monitor Plugin ID 3685
SynopsisThe remote host is running software that should be authorized with respect to corporate policy.
DescriptionThe remote server is running a MetaSploit Framework server. Metasploit allows users to automatically exploit and backdoor vulnerable applications via the network.
Further, the Metasploit shell server is bound to a non-localhost socket. This allows users to connect to the shell and run exploits from the server. You should ensure that this application can only be accessed by trusted security staff.
SolutionEnsure that this application is authorized according to corporate policies and guidelines.