Week 2 Takeaways

Assigned readings:

The Metasploit Unleashed (MSFU) is an open source penetration tool. This ethical training course also has the objective to provide security awareness for the underprivileged children in East Africa. The Metasploit framework is a very useful auditing tool with an array of commercial grade exploits and an extensive exploit development environment, all the way to network information gathering tools and web vulnerability plugins. Examples of various tests that can be conducted once Metasploit has been properly installed include port scanning, hunting for MSSQL, service identification, password sniffing and SNMP sweeping. It also allows you to write your own scanner and windows patch enumeration.

Question for the class:

Have you used the Metasploit tool before? If so, what was experience and how successful were the outcomes each time you ran your scan?

In the news:
“Time Warner Cable says up to 320,000 customer’s data may have been stolen.”

The Federal Bureau of Investigation notified Time Warner Cable Inc. that up to 320,000 of its customers email password have been compromised. This was accomplished through a malware download during a phishing attack or through data breaches of other companies that stored Time Warner Cable’s customer information (i.e.: email addresses). The company encourages its customers to change the email password immediately to risk any similar future breaches.

For more information regarding this article, please click here.