Due to the growth and success of Advanced Research our systems have recently become a target for hacking and cyber-attacks. As an organization we know of several attempts to steal the intellectual property of Advanced Research and sell the stolen properties to direct competitors. Beyond that we are all aware of the 2011 issues involving Advanced Research’s public website, website defacement and Denial of Service (DoS) attacks are common tactics of attackers. Also in today’s cyber climate it is well known that any organization, no matter the size or prestige, with a cyber-presence is vulnerable to attacks and exploits.
The fact is that Advanced Research needs to become proactive in our approach to cyber security. Simply put, the best way to defend our cyber property is to perform comprehensive vulnerability scans across all of our systems. It is my recommendation as the IT Manager that Advanced Research procures and implements the extensive use of Metasploit Framework products to safeguard its systems.
Overview of Metasploit Framework and Metasploit Pro
Metasploit Pro is the commercial version of the Metasploit Framework (MSF). MSF was originally conceived and founded by professional penetration tester HD Moore. Mr. Moore set out to build an open source platform that would provide “a consistent, reliable library of constantly updated exploits and offers a complete development environment for building new tools and automating every aspect of a penetration test”. (David Kennedy, 2011)
MSF, released to the public in 2003, offers basic functionality and uses a command-line for exploits. Because of the command-line structure of the environment, MSF is largely used by developers and researchers. The MSF command-line although useful, is not intuitive to most users and even many IT professionals. Conversely, the enterprise version of the MSF tool, Metasploit Pro enables all of the features of Metasploit, and includes enhanced “productivity and advanced attack” tools. (Kirsch, 2013) Metasploit Pro boasts increased usability and stronger data management methods, increasing the overall effectiveness of the product and productivity of IT security professionals.
Some of the increased and added features of Metasploit Pro are:
• Large Engagement Data Management – automatically tracks all “hosts, services, vulnerabilities and evidence”. (Kirsch, 2013) Includes import and consolidation tools, search features, outlier identification, host tagging, evidence storage, and audit trails.
• Security Auditing Wizard – takes the penetration tester through the steps of a “typical engagement” (Kirsch, 2013), saving time for seasoned penetration testers, and getting new testers up to speed quickly.
• MetaModules – automated security tests for penetration tests such as, passive network discovery, and firewall egress testing.
• Web UI and Enhanced Command-Line Console – a web-based graphical user interface is available making Metasploit Pro easier to use for non-experts,...