Identification of Threats using Nmap and Metasploit Network Security Tools
Added on 2023-06-04
9 Pages1788 Words54 Views
IDENTIFICATION OF THREATS USING NMAP AND METASPLOIT NETWORK
SECURITY TOOLS
Student
Tutor
Institutional Affiliation
Date
SECURITY TOOLS
Student
Tutor
Institutional Affiliation
Date
Identification of Threats using Nmap and Metasploit Network Security Tools
Introduction
In many eyes, the home intrusion has always been physical break-ins. However, the
trending fashion of having many internet connected devices in our homes have precipitated
another type of intrusion. This intrusion involves one whose target is the home network and
where the internet-connected devices are potentially open to compromise, this might lead to
devastating consequences and loses if the system is attacked by the intruders (cybercriminals).
Following this rationale, there is a need for a defensive mechanism to prevent these intruders
from gaining access into the home system.
As a prominent technique for assessing system security, a system penetration method is a
method that attempts to break into the target system legally using tools and technologies that are
similar to the techniques used by the cybercriminals. For the purpose of this assignment, two
tools were selected based on the empirical research to assess the vulnerability of a home system.
The following tools were utilized in the network assessment:
Nmap
Nmap, Network Nmap, is a useful tool in penetration testing for a general purpose
network scanning. It refers to a host and a network scanner which scans open, filtered or closed
ports, it also has the ability to make OS assumption through packet signature [5]. The Nmap tool
was used in detecting the victim machines, it utilizes the open ports, versions, and OS to exploit
the network vulnerability in the victimized machines. The Nmap tool is compatible with varieties
of the operating system including Linux, Windows, Mac OS X among other several platforms. It
Introduction
In many eyes, the home intrusion has always been physical break-ins. However, the
trending fashion of having many internet connected devices in our homes have precipitated
another type of intrusion. This intrusion involves one whose target is the home network and
where the internet-connected devices are potentially open to compromise, this might lead to
devastating consequences and loses if the system is attacked by the intruders (cybercriminals).
Following this rationale, there is a need for a defensive mechanism to prevent these intruders
from gaining access into the home system.
As a prominent technique for assessing system security, a system penetration method is a
method that attempts to break into the target system legally using tools and technologies that are
similar to the techniques used by the cybercriminals. For the purpose of this assignment, two
tools were selected based on the empirical research to assess the vulnerability of a home system.
The following tools were utilized in the network assessment:
Nmap
Nmap, Network Nmap, is a useful tool in penetration testing for a general purpose
network scanning. It refers to a host and a network scanner which scans open, filtered or closed
ports, it also has the ability to make OS assumption through packet signature [5]. The Nmap tool
was used in detecting the victim machines, it utilizes the open ports, versions, and OS to exploit
the network vulnerability in the victimized machines. The Nmap tool is compatible with varieties
of the operating system including Linux, Windows, Mac OS X among other several platforms. It
has the capability of scanning open ports using various standardized TCP packet options with
numerous options of command lines [1].
Metasploit
Metasploit framework, on the other hand, was used to exploit development, penetration
testing and almost everything that may be needed by a pen tester. Metasploit involved various
key steps to exploit the system network comprising selection and configuration of the target
exploit, validation to find out whether the selected system is vulnerable to the exploit, selection
and configuration of payloads to be used in the exploit, selection and configuration of the
encoding schema in order to ensure that the payload can easily avoid the intrusion detection
system and execute the exploit finally [6].
Both Nmap and Metasploit combined together made a good team of tools which
contributed a great deal during the home system network assessment [9]. Nmap provided the
information regarding the victim machines with potential vulnerabilities in order to make
payloads using Metasploit.
Literature review
Shah, [8] illustrate vulnerability assessment and penetration testing VAPT for cyber
defense. The author expounds that this approach helps in finding the vulnerabilities in advance
before a cyber-attack take place for preventing an information system from being compromised
by the cyber-criminals. The VAPT consist of a step by step process with nine phases. Shah
proves through her vulnerability assessment results that VAPT is a fundamental technique for the
technology of cyber defense [8]. Plus, VAPT, as proposed by the author, allows a system
numerous options of command lines [1].
Metasploit
Metasploit framework, on the other hand, was used to exploit development, penetration
testing and almost everything that may be needed by a pen tester. Metasploit involved various
key steps to exploit the system network comprising selection and configuration of the target
exploit, validation to find out whether the selected system is vulnerable to the exploit, selection
and configuration of payloads to be used in the exploit, selection and configuration of the
encoding schema in order to ensure that the payload can easily avoid the intrusion detection
system and execute the exploit finally [6].
Both Nmap and Metasploit combined together made a good team of tools which
contributed a great deal during the home system network assessment [9]. Nmap provided the
information regarding the victim machines with potential vulnerabilities in order to make
payloads using Metasploit.
Literature review
Shah, [8] illustrate vulnerability assessment and penetration testing VAPT for cyber
defense. The author expounds that this approach helps in finding the vulnerabilities in advance
before a cyber-attack take place for preventing an information system from being compromised
by the cyber-criminals. The VAPT consist of a step by step process with nine phases. Shah
proves through her vulnerability assessment results that VAPT is a fundamental technique for the
technology of cyber defense [8]. Plus, VAPT, as proposed by the author, allows a system
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Network Security Tools: Nmap and Metasploitlg...
|9
|1824
|206
Penetration Testing and Intrusion Detection Name of the University Authorlg...
|57
|5094
|316
Metasploit Framework Assignment PDFlg...
|26
|1193
|325
Penetration Testing on Linux Machine: Task 3lg...
|32
|3649
|332
Cyber Security - Assignment PDFlg...
|8
|2242
|71
Comparison of Metasploit and Hydra: Ethical Hacking Toolslg...
|9
|779
|70