Wireless exploits coming to Metasploit 3…



and the script kiddies rejoiced… It reads as though Metasploit 3 will make it easier than ever for script kiddies everywhere to take full advantage of the local wireless hotspots. Of course, metasploit has it’s good uses by people legitimately testing systems that they are responsible for, for vulnerabilities. But, it does make it very easy for the less skilled to pull off some exploits.

In many ways, the security software debate many times turns into something akin to the gun control debate…. “criminalize security penetration testing software and only criminals will have penetration testing software..” Which does make a certain amount of sense…. there are those that have no compunctions against doing illegal things and it can be a helpful thing for people that are motivated to protect themselves and others to have the tools to understand and see the effects of what the criminals would use whether they were legal or not.

I’ve made use of the Metasploit framework for testing my own machines (and as I recall for testing the WMF vulnerability last winter.) I am thankful to have access to the same kind of tools an attacker does because it opens my eyes to what they MIGHT be able to do and gives me a better chance to 1) avoid situations where you can be targetted and 2) be aware of possible signs of an attack and 3) mitigate the software vectors that can be used for the attacks.

Related Posts

Blog Traffic Exchange Related Posts
  • How Microsoft could patch VML vulnerability before October's patch day SO, there's the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft's advisory says that the most recent flaw will likely be patched on October's patch day ("unless the need arises...") So, what would trigger that need? Lot's of browsers being subjected to......
  • Network security - what does arp spoofing mean for wireless? So, if you haven't already had enough cause to tighten your wireless security.... we've been talking about arp poisoning (spoofing) and the basic conclusion is that IF an attacking machine is on the same subnet as your machine (same IP address range), they can "own" all traffic from you machine......
  • Oracle's April patches late.... Oracle released 36 patches in mid-April as part of their quarterly patch cycle.... unfortunately, not all of the patches were released. Apparently they hadn't finished testing and users were advised to look for the updates around the first of May. Well, guess what - they're not out yet and the......
Blog Traffic Exchange Related Websites
  • Should You Neuter Your Dog? [/caption]It's one of the most crucial questions a new dog owner will face: whether or not to neuter their dog. If you barely have any knowledge of animal behavior and simply like to "go with the flow," you might do well to educate yourself on this important pet-related issue. Many......
  • Happy 30th Birthday Evan [/caption] I can’t believe I turn 30 years old today. Growing up didn't 30 seem old? It wasn't like turning that cool 21, or even 25...it was 30! It was substantial almost like you aren't "that kid" anymore. Not as shocking that I survived to 30 is the fact that......
  • Is Social Security a Ponzi Scheme? (Part 2: An Explanation of Social Security Works) The following is a continuation of the Is Social Security a Ponzi Scheme? (Part 1). That article dealt with the history of Charles Ponzi and the original Ponzi scheme. In this article we'll cover the Social Security system in general. Social Security also works best as a pyramid There is......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site