Have You Been Hacked by Metasploit? Find Out!
Jul 29, 2009, 21:32 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
"One of the most devastating aspects of the open source
metasploit vulnerability testing framework is meterpreter, which
exploits a host machine in memory without leaving a trace.
Meterpreter is supposed to be undetectable by IPS systems making it
difficult if not impossible for someone to know what an attacker
may have done to the victims' machine.
"At the Black Hat security conference in Las Vegas, Mandiant
security researchers Peter Silberman and Steve Davis are releasing
a new forensic framework on Wednesday that will make it possible to
detect whether or not a host was hit by Metapsloit's meterpreter.
The new tool could change the game when it comes to
Metasploit-based attacks that previously could not be identified on
the target machine."