Metasploit is an indispensable tool that provides a solution to information security issues from exploit conception to execution, and this tip teaches channel professionals when, why and how to use it.
For more information, read Metasploit: A penetration testing tool you shouldn't be without.
Have you ever wondered how you can execute the ever so vague "arbitrary code" that Microsoft lists in its vulnerability descriptions to see if your systems are really vulnerable? Maybe you've wanted to dig deeper into the higher-level flaws found by vulnerability assessment tools such as Nessus and QualysGuard? Perhaps you're in the business of ethical hacking and performing penetration tests against your own (or your customer's) computer systems? If any of these apply to you, there's a powerful security testing tool that you can't miss.
I'm talking about the Metasploit Framework. It's not new -- in fact, it has been around for a couple of years. However, it has recently started to pick up traction and command attention from information security professionals and software developers alike. Many of us are realizing that Metasploit is an indispensable tool that provides
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
a solution to some vexing information security issues from exploit conception to execution.
Make sure you're familiar with all of the Metasploit best practices so you'll use the tool properly on your customer's networks.
About the author
Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. Beaver has written five books, including Hacking For Dummies (John Wiley & Sons, Inc.), the brand new Hacking Wireless Networks For Dummies and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach Publications). He can be reached at kbeaver@principlelogic.com.
This was first published in April 2007