Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Metasploit Server Detection

Info

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote server was just observed making a connection to updates.metasploit.com. This connection attempt usually indicates a Metasploit server that is downloading updates from the metasploit.com web site. Metasploit is an attack framework that allows users to automatically exploit and backdoor vulnerable applications via the network.

Solution

Ensure that this application is authorized according to corporate policies and guidelines.