Servers Tip of the Trade: Metasploit

Tip of the Trade: Metasploit




Most network administrators are familiar with old standbys like Nessus and Nmap for vulnerability scanning. Although these are useful and simple to use apps, admins who want to kick up their penetration testing a few notches should give Metasploit a try. After all, penetration is the one tactic available to network administrators to get ahead of the bad guys, instead of always being in reactive mode.

Penetration enables network administrators to stay ahead of the bad guys rather than in perpetual reactive mode. Metasploit is a powerful penetration testing tool that makes it possible.

With Metasploit, you can finally answer the question “How can I execute this mythical “arbitrary code” that is always the villain in Windows vulnerabilities?” With Metasploit, you can send attack payloads targeted at specific exploits and see for yourself what happens. It also probes for exploitable weaknesses. It comes with a nice assortment of pre-fab attacks. Admins serious about penetration-testing their networks can write their own custom attack scripts.

Metasploit runs on Windows, Linux, BSD and Mac OS X. It probes for vulnerabilities on *nix and Windows binaries, and on both operating systems and applications. For all of its power and sophistication, Metasploit is also easy to install and use. Just download, install and run the msfconsole (Metasploit’s command shell) to get started.

From here, all kinds of useful tasks are possible. You can see lists of commands, get information on each command, list available exploits, and get detailed information on each exploit and payloads.

Using Metasploit can be as simple as selecting your target and payload, or as advanced as identifying and exploiting vulnerabilities yourself.

Metasploit runs from the command line with the msfcli command, in a console (,msfconsole) and over an HTTP interface (msfweb). It’s a well-written, well-organized program that even has excellent documentation. Visit Metasploit.com for downloads and bales of excellent information.

Latest Posts

How to Convert a Physical Computer to a Virtual Machine

Many organizations are implementing virtualization technology into their networks to convert physical computers to virtual machines (VM). This helps reduce overall physical hardware costs,...

HPE ProLiant DL380 Gen10: Rack Server Overview and Insight

The HPE ProLiant DL380 series has consistently been a market leader in the server space. The Gen10 released in 2017 further increased HPE's market...

Best Server Management Software & Tools 2021

Finding the best server management software tools for your organization can have a major impact on the success of your business operations. Manually handling...

IBM AS/400: Lasting the Test of Time

Some server operating systems (OS) were built to survive the test of time – the IBM AS/400 is one such system.  The AS/400 (Application System/400)...

What is Disaster Recovery?

The modern organization's heavy dependence on using data to drive their business has made having a Disaster Recovery (DR) plan in place a necessity....

Related Stories