I have a virtual machine that is running BackTrack4r2. I need to use the built-in tool Metasploit in bt for assessing the security and vulnerability in websites.
The prob is that I don't have any idea about the Metasploit tool.
I would appreciate any help in providing info about the best scenario to use to demo the functionality of this tool or any info about it.
Instead of using metasploit, have you thought about other ways to tackle the problem?
- What is your monitoring solution so that if you get cracked you know about it?
- What is your update/patching routine?
- Have you investigated the sites you're hosting for known exploits?
- Do you have code audits/reviews for hosted sites?
- Are you responsible for updating the sites or are others? And if others, how are updates enforced?
- What steps have you taken to harden the hosting machine? SELinux? chroot? Virtual Machines?
- Do you have a disaster recovery plan and does it work?
In my opinion, penetration testing is really only useful in the context of an overall security plan where you've evaluated how to stop attacks in the first place. In fact I would argue you can be highly successful at maintaining a secured environment without ever having to resort to penetration testing.
Metasploit is a great tool for pen testing web apps. Anyone who says they want to learn metasploit I always suggest they go through the metasploit unleashed class put up by offensive-security. (it's free) Metasploit Unleashed
Vulnerability assessment and pen testing are two different things.
I recommend true vuln assessment tools such as Nikto or Nessus. Use those first, as they will show you any apparent holes to further exploit using pen test tools.
Yes they are. However he was directly asking about Metasploit regardless if he used the right terminology. But you are right and I do wish people would push the fact that there is a difference so thanks for that! Also, I really am starting to consider Metasploit more of an environment vs a tool. And the reason I say that is I can run Nikto, Nessus, DirBuster, etc all from within Metasploit via simple ruby / python scripts. Actually I think Nessus might be built-in now. IDK I use my own. I know neXpose is. Either way, while it has a great exploitation framework (which is what it is) that is one tool that I could agree could be considered an assessment tool as well.
I think I answered fairly. Also, Hangdog42 was going in a similar direction as I was. Within the first two sentences of the OP's post, I saw that he didn't mention that he wanted to pen test. He didn't mention pen testing in his whole post yet he mentioned backtrack and Metasploit.
My response was meant to inform the OP that pen testing is usually within the latter stages of assessing a system/service and that there is a definitive difference between looking for vulnerabilities, shoring up the findings, and exploiting known vulnerabilities. In most cases, a system can be secured without resorting to pen testing. Whether the OP accepts the advice is up to him, but it is upon every reader to add anything they think is relevant.
Also, don't let Metasploit's modular nature fool you into thinking that Nessus/Nikto and similar tools are actually developed by the maintainers of Metasploit. They are separate tools that can be leveraged by the Metasploit framework through usage of scripts. Linkage via scripts doesn't necessarily mean products are thoroughly integrated (or even supported by the Metasploit project).
I didn't say you didn't answer fairly and in fact I thanked you for bringing that up since it is often overlooked...
Quote:
Originally Posted by unixfool
Also, don't let Metasploit's modular nature fool you into thinking that Nessus/Nikto and similar tools are actually developed by the maintainers of Metasploit. They are separate tools that can be leveraged by the Metasploit framework through usage of scripts. Linkage via scripts doesn't necessarily mean products are thoroughly integrated (or even supported by the Metasploit project).
Yes, I know. I said I use my own scripts that I wrote.