Secure-DNA Security Consulting Hawaii Honolulu Outsourcing Hawaii Honolulu IT Security Consulting Hawaii Honolulu Security Outsourcing Secure-DNA Profile Security Events Hawaii Secure-DNA Contact Information
 
MetaSploit
   
 

Hacking tools get easier to use on Windows Metasploit, one of the most popular security testing and penetration tools on the market has gotten a lot easier to use for users of the Windows operating system. The Metasploit Project recently released version 3.1 which is free and available via download at www.metasploit.com.

  • Metasploit 3.1 features a full graphical user interface, full support for the Windows platform, and contains over 450 modules including 265 remote exploits, and even has exploits targeted at the iPhone. Metasploit 3.1 packs in over a years worth of research and redevelopment and has incorporated ideas from influential security professionals in the industry. New remote exploits and the improvement of a full graphical user interface were some of the many features added to the framework.

The first and second release of Metasploit was written in Perl; the third and current release was re-written using the Ruby programming language. According to H D Moore, founder of the Metasploit Project, the support of a full graphical user interface provides Windows users the same footing as those running Unix, by giving them access to a console interface to the framework. This provides users a Windows operating-system feel when using the security tool. With the dominance of the Windows operating systems in the market, it is predicted that there will be a huge increase in the usage of this tool. In addition, getting Metasploit version 3.1 installed and running using Windows can be done in a matter of minutes. With the support of a full graphical user interface, an un-patched system, as detected by a vulnerability scanner, can easily be tested to confirm whether the vulnerability is valid or a false positive. Many users of Metasploit use the term “point, click, and root” since with Metasploit, it’s as easy as selecting the exploit, the target operating system, and inputting the target’s IP address. Although Metasploit can be used to identify and test vulnerabilities in your networks, it can also be used by others to exploit your networks as well. The same ease of use that Metasploit provides for legitimate security-related activities is now in the hands of Hackers. Companies should have a strict policy about the download and use of this and other hacking related tools without the explicit permission of executive management or system administration personnel. Metasploit is a purpose-built hacking tool and if identified on a system may indicate that a compromise or breach has occurred.

Never run Metasploit against a system you don’t own and always ensure that you carefully plan the use of Metasploit against production systems as exploiting vulnerabilities can have an adverse impact on system stability. In parting, Metasploit can be used by the “good guys” and the “bad guys” with the same ease but for different purposes. Be aware of the tools that are out there and how they can be used as tools for your network team or as weapons against your systems and networks.



  
 
Security privacy policy Security terms of use security dna 1 security dna 2 security dna 3