SlideShare ist ein Scribd-Unternehmen logo

Metasploitable.pptx

Als PPTX, PDF herunterladen
H
HodaHisham2

Fgghhkkkkkkhvfdsss

Ingenieurwesen
1 von 35
METSPLOTABLE Mirjam Nilsson
AGENDA Introduction Architecture Of Metasplotable Modules Of Metasploitable Few Demos using Metsploitable Hacking Metsploitable using Kali Linux
INTRODUCTION In cybersecurity, an intrusion occurs when an unauthorized entity manages to enter your network or host. That entity can be a threat actor deliberately infiltrating a system with harmful intentions. For example, it might be: • A malicious hacker doing network reconnaissance or a [DDoS attack]. • A non-malicious but unauthorized entity that entered the system unintentionally. An IDS helps prevent both undesirable cases.
INTRODUCTION
DEFINITION: An IDS is an indispensable part of network security. It is introduced as a system for detecting intrusions that attempt to compromise the main security goals, confidentiality, integrity, and availability of a resource.
HOW DOES AN IDS WORK? • An IDS monitors the traffic on a computer network to detect any suspicious activity. • It analyzes the data flowing through the network to look for patterns and signs of abnormal behavior. • The IDS compares the network activity to a set of predefined rules or to the normal baseline to identify any activity that might indicate an attack or intrusion. • If the IDS detects something that matches one of these rules or deviates from the normal baseline, it sends an alert to the system administrator. • The system administrator can then investigate the alert and take action to prevent any damage or further intrusion.
ARCHITECTURE
DIFFERENT TYPES OF IDS: Network-Based IDS (NIDS) Choose a point on your network and examine all traffic on all devices from that point. Host-Based IDS (HIDS) Examine traffic to and from independent devices within your network, and leave all other devices alone. Protocol-based IDS (PIDS) monitors protocol layer traffic that is used by protocol to communicate with each other Application Protocol-based IDS (APIDS) monitors application layer traffic that is used by applications to communicate with each other. Hybrid IDS Combine some of the approaches listed above into a system made just for you.
BENEFITS OF IDS: • Detect several threats and alert your security staff, who can take appropriate action. • Detects DDoS Attacks. • Helps Meet Regulatory Compliance Requirements. • Detects Network Reconnaissance. • Provides insights. • Improves network performance
MODULES
DETECTION METHOD: Pattern or signature-based intrusion detection looks for network traffic or file patterns and compares them with similar threat-related patterns in their database. The IDS generates an alert once it finds a match (potential threat). Anomaly-based intrusion detection employs ML technology monitors network traffic and compares it against an established baseline to determine what is considered normal for the network concerning bandwidth, protocols, ports and other devices. policy-based detection the IDS compares traffic or files against pre-configured security policies, much like a firewall. Once the IDS finds that certain traffic violates the policy, it generates an alert.
FEATURES: • Real-time Monitoring • Traffic Analysis • Alert Generation • Anomaly Detection • Signature-Based Detection • Log Analysis • Incident Correlation • Custom Rule Creation • User-Friendly Interface • Integration with Other Security Tools • Data Encryption Analysis
FEW DEMOS
Sensors / Agents collect data from network or host sources and send it to the analyzer for analysis. Management Server collects data from sensors and agents, correlates and analyzes it, and centralizes the management of multiple IDS sensors. Analyzers process the data captured by sensors and apply various detection techniques to identify potential threats or anomalies. Database Server stores the event data recorded by IDS sensors and agents, as well as the IDS's configuration data and the results of the analyzer's analysis. User Interface / IDS Console provides a graphical or command-line interface for administrators to configure, manage, and view the results of IDS operations. Alerting and Response Mechanisms generate alerts or trigger response actions when IDS detects suspicious or malicious activities.
HACKING METASPLOITABL E
NMAP AND METASPLOITABLE FRAMEWORK Nmap allows you to scan your network and discover not only everything connected to it, but also a wide variety of information about what's connected, what services each host is operating, and so on. Now we should scan the target machine in Kali Linux using Nmap. -sV : This is a service version scan. -p- : Scans all ports.
VSFTPD OPEN PORT I'll start with the first open port (port 21 vsftpd). By this command we are searching f or the service of the f irst open port that we've f ound.
VSFTPD OPEN PORT I found one excellent module to exploit this port. W hich is module “1” So I will write “use 1” command. we should only specify RHOST which is the IP of our target machine. N ow we are ready to expl oit the Metasploi table .
VSFTPD OPEN PORT And BAM!!! You can now run any command you want or do malicious things to the target machine.
INTRODUCTION At Contoso, we empower organizations to foster collaborative thinking to further drive workplace innovation. By closing the loop and leveraging agile frameworks, we help business grow organically and foster a consumer-first mindset.​
DEFINITION: B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
INTRODUCTION At Contoso, we empower organizations to foster collaborative thinking to further drive workplace innovation. By closing the loop and leveraging agile frameworks, we help business grow organically and foster a consumer-first mindset.​
AREAS OF GROWTH CATEGORY 1 CATEGORY 2 CATEGORY 3 CATEGORY 4​ Q1 4.5 2.3 1.7 5​.0 Q2 3.2 5.1 4.4 3​.0 Q3 2.1 1.7 2.5 2.8 Q4 4.5 2.2 1.7 7.0
BUSINESS OPPORTUNITIES ARE LIKE BUSES. THERE'S ALWAYS ANOTHER ONE COMING.​ Richard Branson
MEET OUR TEAM TAKUMA HAYASHI Pres ide nt MIRJAM NILSSON Chief Executive Of f icer FLORA BERGGREN Chief Operatio ns Of f icer RAJESH SANTOSHI VP Mark eting
MEET OUR TEAM GR AH AM B AR N ES V P P r o d u c t R OWAN M URPHY S E O S t r a t e g i s t ELIZABETH M OORE P r o d u c t D e s i g n e r R OB IN K LINE C o n t e n t D e v e l o p e r TAK UM A H AYASH I P r e s i d e n t M IRJAM N ILSSON C h i e f E x e c u t i v e O f f i c e r FLORA B ERGGREN C h i e f O p e r a t i o n s O f f i c e r R AJESH SAN TOSHI V P M a r k e t i n g
PLAN FOR PRODUCT LAUNCH PLANNING Synergize scalable e-commerce MARKETING Disseminate standardized metrics DESIGN Coordinate e- business applications STRATEGY Foster holistically superior methodologies LAUNCH Deploy strategic networks with compelling e- business needs
Q1 Synergize scalable e-commerce Q2 Coordinate e-business applications Q3 Deploy strategic networks with compelling e-business needs Q4 Disseminate standardized metrics TIMELINE
AREAS OF FOCUS B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
AREAS OF FOCUS B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
AREAS OF FOCUS B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
HOW WE GET THERE ROI Envision multimedia-based expertise and cross-media growth strategies​ ​Engage worldwide methodologies with web- enabled technologies​ NICHE MARKETS Pursue scalable customer service through sustainable strategies​ Engage top-line web services with cutting-edge deliverables​​​ SUPPLY CHAINS Cultivate one-to-one customer service with robust ideas​ Maximize timely deliverables for real-time schemas​
SUMMARY At Contoso, we believe in giving 110%. By using our next- generation data architecture, we help organizations virtually manage agile workflows. We thrive because of our market knowledge and great team behind our product. As our CEO says, "Efficiencies will come from proactively transforming how we do business."​
THANK YOU Mirjam Nilsson mirjam@contoso.com www.contoso.com

Empfohlen

Be the Hunter
Be the Hunter Be the Hunter
Be the Hunter
Rahul Neel Mani
 
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network SecurityHow to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
inSOC Sales Deck Dec 2020.pdf
inSOC Sales Deck Dec 2020.pdfinSOC Sales Deck Dec 2020.pdf
inSOC Sales Deck Dec 2020.pdf
ChristopherSumner7
 
information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...
Zara Nawaz
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba
 
WSO2Con USA 2015: The Needs of Next Generation Giants
WSO2Con USA 2015: The Needs of Next Generation GiantsWSO2Con USA 2015: The Needs of Next Generation Giants
WSO2Con USA 2015: The Needs of Next Generation Giants
WSO2
 
Company_Profile_Updated_17032016
Company_Profile_Updated_17032016Company_Profile_Updated_17032016
Company_Profile_Updated_17032016
Dr. Afnan Ullah Khan
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
Blueliv
 

Empfohlen

Be the Hunter
Be the Hunter Be the Hunter
Be the Hunter
Rahul Neel Mani
 
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network SecurityHow to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
inSOC Sales Deck Dec 2020.pdf
inSOC Sales Deck Dec 2020.pdfinSOC Sales Deck Dec 2020.pdf
inSOC Sales Deck Dec 2020.pdf
ChristopherSumner7
 
information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...
Zara Nawaz
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba
 
WSO2Con USA 2015: The Needs of Next Generation Giants
WSO2Con USA 2015: The Needs of Next Generation GiantsWSO2Con USA 2015: The Needs of Next Generation Giants
WSO2Con USA 2015: The Needs of Next Generation Giants
WSO2
 
Company_Profile_Updated_17032016
Company_Profile_Updated_17032016Company_Profile_Updated_17032016
Company_Profile_Updated_17032016
Dr. Afnan Ullah Khan
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
Blueliv
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
Blueliv
 
Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021
Mouaz Alnouri
 
security onion
security onionsecurity onion
security onion
Boni Yeamin
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
Career Communications Group
 
PCI DSS v3.0: How to Adapt Your Compliance Strategy
PCI DSS v3.0: How to Adapt Your Compliance StrategyPCI DSS v3.0: How to Adapt Your Compliance Strategy
PCI DSS v3.0: How to Adapt Your Compliance Strategy
AlienVault
 
Select idps
Select idpsSelect idps
Select idps
Info-Tech Research Group
 
Flow-ABriefExplanation
Flow-ABriefExplanationFlow-ABriefExplanation
Flow-ABriefExplanation
Anthony Parziale
 
Microservices in the cloud at AutoScout24
Microservices in the cloud at AutoScout24Microservices in the cloud at AutoScout24
Microservices in the cloud at AutoScout24
Christian Deger
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
Mohd Anwar Jamal Faiz
 
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio Analysis
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio AnalysisIntroduction to CAST HIGHLIGHT - Rapid Application Portfolio Analysis
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio Analysis
CAST
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
itnewsafrica
 
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at ScaleWebinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
Synopsys Software Integrity Group
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Mobodexter
 
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
منیزہ ہاشمی
 
Applying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsApplying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data Sets
Priyanka Aash
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
RedhuntLabs2
 
A Successful SAST Tool Implementation
A Successful SAST Tool ImplementationA Successful SAST Tool Implementation
A Successful SAST Tool Implementation
Checkmarx
 
SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]
akquinet enterprise solutions GmbH
 
Telecom Advisory Services Profile 11042016_All
Telecom Advisory Services Profile 11042016_AllTelecom Advisory Services Profile 11042016_All
Telecom Advisory Services Profile 11042016_All
Ambrose Nwadike
 
FORFIRM - THE FUTURE, DELIVERED!
FORFIRM - THE FUTURE, DELIVERED!FORFIRM - THE FUTURE, DELIVERED!
FORFIRM - THE FUTURE, DELIVERED!
FORFIRM
 
5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...
archanaece3
 
Dynamo Scripts for Task IDs and Space Naming.pptx
Dynamo Scripts for Task IDs and Space Naming.pptxDynamo Scripts for Task IDs and Space Naming.pptx
Dynamo Scripts for Task IDs and Space Naming.pptx
Mustafa Ahmed
 

Weitere ähnliche Inhalte

Ähnlich wie Metasploitable.pptx

Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021
Mouaz Alnouri
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
Career Communications Group
 
PCI DSS v3.0: How to Adapt Your Compliance Strategy
PCI DSS v3.0: How to Adapt Your Compliance StrategyPCI DSS v3.0: How to Adapt Your Compliance Strategy
PCI DSS v3.0: How to Adapt Your Compliance Strategy
AlienVault
 
Microservices in the cloud at AutoScout24
Microservices in the cloud at AutoScout24Microservices in the cloud at AutoScout24
Microservices in the cloud at AutoScout24
Christian Deger
 
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at ScaleWebinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
Synopsys Software Integrity Group
 
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
منیزہ ہاشمی
 
SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]
akquinet enterprise solutions GmbH
 
Telecom Advisory Services Profile 11042016_All
Telecom Advisory Services Profile 11042016_AllTelecom Advisory Services Profile 11042016_All
Telecom Advisory Services Profile 11042016_All
Ambrose Nwadike
 

Ähnlich wie Metasploitable.pptx (20)

Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
 
Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021
 
security onion
security onionsecurity onion
security onion
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
PCI DSS v3.0: How to Adapt Your Compliance Strategy
PCI DSS v3.0: How to Adapt Your Compliance StrategyPCI DSS v3.0: How to Adapt Your Compliance Strategy
PCI DSS v3.0: How to Adapt Your Compliance Strategy
 
Select idps
Select idpsSelect idps
Select idps
 
Flow-ABriefExplanation
Flow-ABriefExplanationFlow-ABriefExplanation
Flow-ABriefExplanation
 
Microservices in the cloud at AutoScout24
Microservices in the cloud at AutoScout24Microservices in the cloud at AutoScout24
Microservices in the cloud at AutoScout24
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
 
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio Analysis
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio AnalysisIntroduction to CAST HIGHLIGHT - Rapid Application Portfolio Analysis
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio Analysis
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at ScaleWebinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
 
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
 
Applying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsApplying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data Sets
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
 
A Successful SAST Tool Implementation
A Successful SAST Tool ImplementationA Successful SAST Tool Implementation
A Successful SAST Tool Implementation
 
SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]
 
Telecom Advisory Services Profile 11042016_All
Telecom Advisory Services Profile 11042016_AllTelecom Advisory Services Profile 11042016_All
Telecom Advisory Services Profile 11042016_All
 
FORFIRM - THE FUTURE, DELIVERED!
FORFIRM - THE FUTURE, DELIVERED!FORFIRM - THE FUTURE, DELIVERED!
FORFIRM - THE FUTURE, DELIVERED!
 

Kürzlich hochgeladen

litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdflitvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
Alexander Litvinenko
 
21P35A0312 Internship eccccccReport.docx
21P35A0312 Internship eccccccReport.docx21P35A0312 Internship eccccccReport.docx
21P35A0312 Internship eccccccReport.docx
rahulmanepalli02
 
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
HenryBriggs2
 

Kürzlich hochgeladen (20)

5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...
 
Dynamo Scripts for Task IDs and Space Naming.pptx
Dynamo Scripts for Task IDs and Space Naming.pptxDynamo Scripts for Task IDs and Space Naming.pptx
Dynamo Scripts for Task IDs and Space Naming.pptx
 
Introduction to Artificial Intelligence ( AI)
Introduction to Artificial Intelligence ( AI)Introduction to Artificial Intelligence ( AI)
Introduction to Artificial Intelligence ( AI)
 
Lect.1: Getting Started (CS771: Machine Learning by Prof. Purushottam Kar, II...
Lect.1: Getting Started (CS771: Machine Learning by Prof. Purushottam Kar, II...Lect.1: Getting Started (CS771: Machine Learning by Prof. Purushottam Kar, II...
Lect.1: Getting Started (CS771: Machine Learning by Prof. Purushottam Kar, II...
 
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
8th International Conference on Soft Computing, Mathematics and Control (SMC ...8th International Conference on Soft Computing, Mathematics and Control (SMC ...
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
 
Passive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.pptPassive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.ppt
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
 
Working Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdfWorking Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdf
 
TMU_GDSC_20240509.pdfTMU_GDSC_20240509.pdf
TMU_GDSC_20240509.pdfTMU_GDSC_20240509.pdfTMU_GDSC_20240509.pdfTMU_GDSC_20240509.pdf
TMU_GDSC_20240509.pdfTMU_GDSC_20240509.pdf
 
Danikor Product Catalog- Screw Feeder.pdf
Danikor Product Catalog- Screw Feeder.pdfDanikor Product Catalog- Screw Feeder.pdf
Danikor Product Catalog- Screw Feeder.pdf
 
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdflitvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
 
21P35A0312 Internship eccccccReport.docx
21P35A0312 Internship eccccccReport.docx21P35A0312 Internship eccccccReport.docx
21P35A0312 Internship eccccccReport.docx
 
Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...
Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...
Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...
 
Post office management system project ..pdf
Post office management system project ..pdfPost office management system project ..pdf
Post office management system project ..pdf
 
Databricks Generative AI Fundamentals .pdf
Databricks Generative AI Fundamentals .pdfDatabricks Generative AI Fundamentals .pdf
Databricks Generative AI Fundamentals .pdf
 
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
 
Fundamentals of Internet of Things (IoT) Part-2
Fundamentals of Internet of Things (IoT) Part-2Fundamentals of Internet of Things (IoT) Part-2
Fundamentals of Internet of Things (IoT) Part-2
 
analog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptxanalog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptx
 
Introduction to Geographic Information Systems
Introduction to Geographic Information SystemsIntroduction to Geographic Information Systems
Introduction to Geographic Information Systems
 
Max. shear stress theory-Maximum Shear Stress Theory ​ Maximum Distortional ...
Max. shear stress theory-Maximum Shear Stress Theory ​ Maximum Distortional ...Max. shear stress theory-Maximum Shear Stress Theory ​ Maximum Distortional ...
Max. shear stress theory-Maximum Shear Stress Theory ​ Maximum Distortional ...
 

Metasploitable.pptx

  • 2. AGENDA Introduction Architecture Of Metasplotable Modules Of Metasploitable Few Demos using Metsploitable Hacking Metsploitable using Kali Linux
  • 3. INTRODUCTION In cybersecurity, an intrusion occurs when an unauthorized entity manages to enter your network or host. That entity can be a threat actor deliberately infiltrating a system with harmful intentions. For example, it might be: • A malicious hacker doing network reconnaissance or a [DDoS attack]. • A non-malicious but unauthorized entity that entered the system unintentionally. An IDS helps prevent both undesirable cases.
  • 5. DEFINITION: An IDS is an indispensable part of network security. It is introduced as a system for detecting intrusions that attempt to compromise the main security goals, confidentiality, integrity, and availability of a resource.
  • 6. HOW DOES AN IDS WORK? • An IDS monitors the traffic on a computer network to detect any suspicious activity. • It analyzes the data flowing through the network to look for patterns and signs of abnormal behavior. • The IDS compares the network activity to a set of predefined rules or to the normal baseline to identify any activity that might indicate an attack or intrusion. • If the IDS detects something that matches one of these rules or deviates from the normal baseline, it sends an alert to the system administrator. • The system administrator can then investigate the alert and take action to prevent any damage or further intrusion.
  • 8. DIFFERENT TYPES OF IDS: Network-Based IDS (NIDS) Choose a point on your network and examine all traffic on all devices from that point. Host-Based IDS (HIDS) Examine traffic to and from independent devices within your network, and leave all other devices alone. Protocol-based IDS (PIDS) monitors protocol layer traffic that is used by protocol to communicate with each other Application Protocol-based IDS (APIDS) monitors application layer traffic that is used by applications to communicate with each other. Hybrid IDS Combine some of the approaches listed above into a system made just for you.
  • 9. BENEFITS OF IDS: • Detect several threats and alert your security staff, who can take appropriate action. • Detects DDoS Attacks. • Helps Meet Regulatory Compliance Requirements. • Detects Network Reconnaissance. • Provides insights. • Improves network performance
  • 11. DETECTION METHOD: Pattern or signature-based intrusion detection looks for network traffic or file patterns and compares them with similar threat-related patterns in their database. The IDS generates an alert once it finds a match (potential threat). Anomaly-based intrusion detection employs ML technology monitors network traffic and compares it against an established baseline to determine what is considered normal for the network concerning bandwidth, protocols, ports and other devices. policy-based detection the IDS compares traffic or files against pre-configured security policies, much like a firewall. Once the IDS finds that certain traffic violates the policy, it generates an alert.
  • 12. FEATURES: • Real-time Monitoring • Traffic Analysis • Alert Generation • Anomaly Detection • Signature-Based Detection • Log Analysis • Incident Correlation • Custom Rule Creation • User-Friendly Interface • Integration with Other Security Tools • Data Encryption Analysis
  • 14. Sensors / Agents collect data from network or host sources and send it to the analyzer for analysis. Management Server collects data from sensors and agents, correlates and analyzes it, and centralizes the management of multiple IDS sensors. Analyzers process the data captured by sensors and apply various detection techniques to identify potential threats or anomalies. Database Server stores the event data recorded by IDS sensors and agents, as well as the IDS's configuration data and the results of the analyzer's analysis. User Interface / IDS Console provides a graphical or command-line interface for administrators to configure, manage, and view the results of IDS operations. Alerting and Response Mechanisms generate alerts or trigger response actions when IDS detects suspicious or malicious activities.
  • 15.
  • 17. NMAP AND METASPLOITABLE FRAMEWORK Nmap allows you to scan your network and discover not only everything connected to it, but also a wide variety of information about what's connected, what services each host is operating, and so on. Now we should scan the target machine in Kali Linux using Nmap. -sV : This is a service version scan. -p- : Scans all ports.
  • 18. VSFTPD OPEN PORT I'll start with the first open port (port 21 vsftpd). By this command we are searching f or the service of the f irst open port that we've f ound.
  • 19. VSFTPD OPEN PORT I found one excellent module to exploit this port. W hich is module “1” So I will write “use 1” command. we should only specify RHOST which is the IP of our target machine. N ow we are ready to expl oit the Metasploi table .
  • 20. VSFTPD OPEN PORT And BAM!!! You can now run any command you want or do malicious things to the target machine.
  • 21. INTRODUCTION At Contoso, we empower organizations to foster collaborative thinking to further drive workplace innovation. By closing the loop and leveraging agile frameworks, we help business grow organically and foster a consumer-first mindset.​
  • 22. DEFINITION: B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
  • 23. INTRODUCTION At Contoso, we empower organizations to foster collaborative thinking to further drive workplace innovation. By closing the loop and leveraging agile frameworks, we help business grow organically and foster a consumer-first mindset.​
  • 24. AREAS OF GROWTH CATEGORY 1 CATEGORY 2 CATEGORY 3 CATEGORY 4​ Q1 4.5 2.3 1.7 5​.0 Q2 3.2 5.1 4.4 3​.0 Q3 2.1 1.7 2.5 2.8 Q4 4.5 2.2 1.7 7.0
  • 25. BUSINESS OPPORTUNITIES ARE LIKE BUSES. THERE'S ALWAYS ANOTHER ONE COMING.​ Richard Branson
  • 26. MEET OUR TEAM TAKUMA HAYASHI Pres ide nt MIRJAM NILSSON Chief Executive Of f icer FLORA BERGGREN Chief Operatio ns Of f icer RAJESH SANTOSHI VP Mark eting
  • 27. MEET OUR TEAM GR AH AM B AR N ES V P P r o d u c t R OWAN M URPHY S E O S t r a t e g i s t ELIZABETH M OORE P r o d u c t D e s i g n e r R OB IN K LINE C o n t e n t D e v e l o p e r TAK UM A H AYASH I P r e s i d e n t M IRJAM N ILSSON C h i e f E x e c u t i v e O f f i c e r FLORA B ERGGREN C h i e f O p e r a t i o n s O f f i c e r R AJESH SAN TOSHI V P M a r k e t i n g
  • 28. PLAN FOR PRODUCT LAUNCH PLANNING Synergize scalable e-commerce MARKETING Disseminate standardized metrics DESIGN Coordinate e- business applications STRATEGY Foster holistically superior methodologies LAUNCH Deploy strategic networks with compelling e- business needs
  • 29. Q1 Synergize scalable e-commerce Q2 Coordinate e-business applications Q3 Deploy strategic networks with compelling e-business needs Q4 Disseminate standardized metrics TIMELINE
  • 30. AREAS OF FOCUS B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
  • 31. AREAS OF FOCUS B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
  • 32. AREAS OF FOCUS B2B MARKET SCENARIOS Develop winning strategies to keep ahead of the competition ​Capitalize on low-hanging fruit to identify a ballpark value ​Visualize customer directed convergence​ CLOUD-BASED OPPORTUNITIES Iterative approaches to corporate strategy ​Establish a management framework from the inside​
  • 33. HOW WE GET THERE ROI Envision multimedia-based expertise and cross-media growth strategies​ ​Engage worldwide methodologies with web- enabled technologies​ NICHE MARKETS Pursue scalable customer service through sustainable strategies​ Engage top-line web services with cutting-edge deliverables​​​ SUPPLY CHAINS Cultivate one-to-one customer service with robust ideas​ Maximize timely deliverables for real-time schemas​
  • 34. SUMMARY At Contoso, we believe in giving 110%. By using our next- generation data architecture, we help organizations virtually manage agile workflows. We thrive because of our market knowledge and great team behind our product. As our CEO says, "Efficiencies will come from proactively transforming how we do business."​