Metasploit Server Detection

Info Nessus Network Monitor Plugin ID 3806

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote server was just observed making a connection to updates.metasploit.com. This connection attempt usually indicates a Metasploit server that is downloading updates from the metasploit.com web site. Metasploit is an attack framework that allows users to automatically exploit and backdoor vulnerable applications via the network.

Solution

Ensure that this application is authorized according to corporate policies and guidelines.

See Also

http://www.metasploit.com/

http://www.rapid7.com/products/metasploit/

Plugin Details

Severity: Info

ID: 3806

Family: Policy

Published: 2015/03/31

Modified: 2015/06/01

Dependencies: 1735, 8314

Risk Information

Risk Factor: Info