MetaSploit Shell Detection

medium Nessus Network Monitor Plugin ID 3685

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote server is running a MetaSploit Framework server. Metasploit allows users to automatically exploit and backdoor vulnerable applications via the network.
Further, the Metasploit shell server is bound to a non-localhost socket. This allows users to connect to the shell and run exploits from the server. You should ensure that this application can only be accessed by trusted security staff.

Solution

Ensure that this application is authorized according to corporate policies and guidelines.

See Also

http://metasploit.com

Plugin Details

Severity: Medium

ID: 3685

Family: Policy

Published: 7/12/2006

Updated: 1/15/2016