Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

MetaSploit Shell Detection

Medium

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote server is running a MetaSploit Framework server. Metasploit allows users to automatically exploit and backdoor vulnerable applications via the network. Further, the Metasploit shell server is bound to a non-localhost socket. This allows users to connect to the shell and run exploits from the server. You should ensure that this application can only be accessed by trusted security staff.

Solution

Ensure that this application is authorized according to corporate policies and guidelines.