This project involved identifying and mitigating vulnerabilities on a Metasploitable virtual machine. The primary goal was to enhance the security posture of the VM by applying patches, securing network services, and configuring firewalls.
- Nmap: For network scanning and port identification.
- Metasploit: For vulnerability assessment and exploitation testing.
-
Vulnerability Identification:
- Conducted a comprehensive scan using
nmapto identify open ports and services. - Used
Metasploitto exploit known vulnerabilities and gather information on potential weaknesses.
nmap -sV -O 192.168.1.100 msfconsole
- Conducted a comprehensive scan using
-
Vulnerability Mitigation:
- Applied necessary patches and updates to the system.
- Disabled unnecessary services running on open ports.
- Implemented strict firewall rules to limit access to essential services only.
sudo apt-get update && sudo apt-get upgrade sudo systemctl disable [service_name] sudo ufw allow from [trusted_ip] to any port [port_number] sudo ufw enable
-
Securing Ports:
- Closed non-essential ports and secured necessary ones using firewall configurations.
- Verified the security of the remaining open ports by ensuring they had proper authentication and encryption mechanisms in place.
sudo ufw deny 23/tcp sudo ufw allow 22/tcp sudo ufw status
- Several critical vulnerabilities were identified and successfully mitigated.
- Open ports such as FTP (21), Telnet (23), and HTTP (80) were secured or disabled as appropriate.
- Implemented best practices for firewall configurations, reducing the attack surface significantly.
This project provided hands-on experience in vulnerability management, penetration testing, and system hardening. The actions taken significantly improved the security of the Metasploitable VM, demonstrating practical skills in cybersecurity.
A detailed document of findings and remediation steps is available upon request.