Network Security Tools: Metasploit and Nessus Analysis and Comparison


Added on  2022/12/23

AI Summary
This presentation provides a comparative analysis of two network security tools: Metasploit and Nessus. It begins with brief descriptions of how each tool functions, including Nessus's vulnerability scanning using plugins and Metasploit's modular penetration testing capabilities. The presentation then demonstrates how each tool detects anomalies, followed by a comparison of their features, functionalities, and ease of use. The presenter highlights the strengths and limitations of each tool, considering factors such as feature richness and suitability for various scenarios. The presentation concludes with a recommendation for the use of Metasploit for an enterprise like JKL, emphasizing its advanced security capabilities and suitability for addressing internal and external threats, while also considering the pricing and limitations of both tools. The presentation underscores the importance of aligning tool selection with specific security requirements and understanding the advantages and disadvantages of each tool in different contexts.
Hi, I am [STUDENT NAME AND ANY OTHER RELEVANT INTRODUCTORY
INFORMATION]
For this assignment I will be demonstrating two network security tools: the Metasploit
Framework and Nessus.
For this presentation, first, I will give a brief description of how each of the tools works.
Then I'll explain how each of them goes about detecting anomalies. After that
I'll give a comparison of the tools in terms of their functionality and efficiency. Lastly, I will
discuss the suitability of each tool for the provided scenario.
Nessus is a vulnerability scanner that enables network auditing. It works by scanning a
number of Internet Protocol (IP) addresses and identifying vulnerabilities using a series of
plugins. The plugins are written in a language called the Nessus Attack Scripting
Language (NASL).
Metasploit is a modular penetration testing platform with many capabilities. It has many
components which make up its functionality. Its functions include: developing exploits,
penetration testing, creating malicious payloads for client-side attacks, fuzzing, active
exploitation, and verifying Operating System (OS) patches applied by server and network
administrators. Basically, the framework can be used for any function that a penetration tester
requires.
Now to the demonstration. We will begin with Nessus, then move on to Metasploit.
Nessus can be used for the following functions: detecting security holes in local or remote
hosts, detecting missing security updates and patches, running simulated attacks to pinpoint
vulnerabilities, and scheduling security audits.
To see Nessus in action, double-click the Nessus shortcut and connect to the server. Log
on to the server after connecting, select the default scan policy, add a target and save the
target. After that, click scan now. The scan starts and the report begins listing the
vulnerabilities found. After the scan is finished, all the information is in the report. You can
export the report and give it an appropriate name (we will call it Nessus Report in
this case), save it where you prefer (in this case the desktop), and Nessus will generate the
report. Going to the desktop, here is our report. Opening the report, as you can see, there are
different categories of vulnerabilities.
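As an added example (not part of the original presentation), the exported report can be triaged in a script instead of being read by eye. This sketch assumes the report was exported in the `.nessus` XML (v2) format; the sample hosts, plugin IDs and plugin names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Severity codes carried in the "severity" attribute of each ReportItem.
SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample export: hosts, plugin IDs and plugin names are made up.
SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="Nessus Report">
    <ReportHost name="192.0.2.10">
      <ReportItem port="445" protocol="tcp" severity="4" pluginID="900001" pluginName="Example missing OS patch"/>
      <ReportItem port="443" protocol="tcp" severity="2" pluginID="900002" pluginName="Example weak TLS configuration"/>
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="900003" pluginName="Example host information"/>
    </ReportHost>
    <ReportHost name="192.0.2.20">
      <ReportItem port="22" protocol="tcp" severity="3" pluginID="900004" pluginName="Example outdated SSH server"/>
      <ReportItem port="443" protocol="tcp" severity="2" pluginID="900002" pluginName="Example weak TLS configuration"/>
    </ReportHost>
  </Report>
</NessusClientData_v2>"""


def summarize(nessus_xml, min_severity=0):
    """Group findings by severity label as (host, port/protocol, plugin name)."""
    root = ET.fromstring(nessus_xml)
    by_severity = defaultdict(list)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev < min_severity:
                continue  # drop findings below the reporting threshold
            where = f'{item.get("port")}/{item.get("protocol")}'
            by_severity[SEVERITY.get(sev, "Unknown")].append(
                (host.get("name"), where, item.get("pluginName")))
    return dict(by_severity)


def patch_queue(nessus_xml):
    """Return (host, worst severity) pairs, most severe host first."""
    root = ET.fromstring(nessus_xml)
    worst = {}
    for host in root.iter("ReportHost"):
        sevs = [int(i.get("severity", "0")) for i in host.iter("ReportItem")]
        worst[host.get("name")] = max(sevs, default=0)
    return sorted(worst.items(), key=lambda kv: -kv[1])


if __name__ == "__main__":
    print(summarize(SAMPLE_NESSUS, min_severity=2), patch_queue(SAMPLE_NESSUS))
```

The standard-library parser does not defend against maliciously crafted XML, so for report files from an untrusted source a hardened parser such as `defusedxml` is the safer choice.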
Metasploit has different modules which can be used to do pretty much anything when it
comes to network security. I already mentioned the major functions earlier in the video but
just as a refresher, its functionalities include: developing exploits, penetration testing,
creating malicious payloads for client-side attacks, fuzzing, active exploitation, and verifying
Operating System (OS) patches applied by server and network administrators.
Metasploit provides different interfaces for its underlying functions, namely MSFconsole,
MSFcli and Armitage. Both MSFconsole and MSFcli provide ways to access the framework.
However, MSFconsole is the most popular interface for Metasploit since it is flexible,
feature-rich and user-friendly. On the other hand, MSFcli puts emphasis on scripting and
the ability to work with, and be interpreted by, other console-based tools. Armitage is a fully
interactive GUI which is highly impressive and feature-rich.
To demonstrate Metasploit, first create a malicious payload as an executable file for the target
host within the network. Start MSFconsole, then choose a suitable payload and configure it.
This will generate an executable file. The .exe file is then executed on the target. After the file
has been successfully executed, the system is compromised and we have successfully
exploited the system.
When comparing these two tools in terms of features, Metasploit has more features and therefore
enables one to fully exhaust all the penetration tests that one can possibly think of, while the
features in Nessus are limited. However, in terms of ease of use, Nessus is better than
Metasploit since, as much as the features are limited, all you have to do is specify the server
details, log in and scan.
JKL requires a network that is secure, such that all their data and information remain
confidential and not accessible to irrelevant parties. Their greatest security threat is actually
the users, who can leak confidential information either knowingly or unknowingly. This
requires that information be shared on a need-to-know basis so that the leaks are limited.
This is an internal threat. For the external threats, we have data breaches, which involve
confidential data being seen or accessed by an unauthorized party; eavesdropping, which is
unauthorized monitoring of communication; Denial of Service (DoS) attacks, which lock out
the intended users from a machine; and malicious threats such as worms, trojans, viruses and
spyware.
For JKL I would recommend Metasploit. This is because JKL requires the highest level of
security and Metasploit is better suited for this than Nessus. Secondly, in terms of
price, Metasploit may be more expensive than Nessus if you use the pro version of
Metasploit. However, Metasploit provides a free version which may have a few limitations
but is still better than Nessus. Also, Nessus is not suited for big enterprises.
In conclusion, from this we can see that different network security tools provide different
services and user experiences. Therefore, you can choose what to use depending on your
requirements. No tool is entirely advantageous or entirely disadvantageous. What works for
one scenario may not work for another scenario. Hence, it is good for users to have their
specific requirements down and outlined when choosing a tool.