
About Scanning and Host Management

Before you can begin the exploitation phase of a penetration test, you must add host data to the project. Host data refers to the IP addresses of the systems that you want to exploit and the active ports, services, and vulnerability information associated with those systems. To add host data to a project, you can either run a discovery scan or import scan data from a vulnerability scanner, such as Nexpose or Nessus. If you import data from a vulnerability analysis tool or another third-party vendor, you should still run a discovery scan to identify new or additional information for those hosts.
A discovery scan is the port scanner included with Metasploit Pro. It combines Nmap with several modules to identify the systems that are alive and to uncover the open ports and services. A port is a data connection that serves as a gateway for communication and enables traffic to travel between systems. Network services, like SSH, telnet, and HTTP, typically run on standard port numbers and can indicate the purpose of the system. You can use the results to filter the list of attackable targets.
For example, if you discover a service that allows remote code execution, like VNC, you can brute-force the service to attempt to log into the system.
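The host data a discovery scan contributes (IP address, open ports, service names and versions) is exactly what Nmap's XML output carries. The following is an added example, not Metasploit Pro's own code, showing how that output can be parsed into per-host records and then filtered by service, as the text describes. The XML is a constructed sample shaped like `nmap -oX` output with documentation-range addresses; the function and record names are this example's own.

```python
"""Parse Nmap-style XML into per-host records and filter them by service.

Added example (not Metasploit Pro's own code). SAMPLE_NMAP_XML is a
constructed sample shaped like `nmap -sV -oX` output; the addresses are
from the 192.0.2.0/24 documentation range.
"""
import xml.etree.ElementTree as ET

# Constructed sample: two hosts up (one with three open ports, one closed
# port; one with a single open port) and one host that did not respond.
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap" args="nmap -sV -oX - 192.0.2.0/30">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/>
      </port>
      <port protocol="tcp" portid="23">
        <state state="open" reason="syn-ack"/>
        <service name="telnet"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="closed" reason="reset"/>
        <service name="https"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="5900">
        <state state="open" reason="syn-ack"/>
        <service name="vnc"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.0.2.12" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return a list of host records: {"ip": str, "ports": [port records]}.

    Only hosts reported as up are kept, and only ports whose state is
    'open' are recorded, mirroring what a discovery scan adds to a
    project's host data (IP address, open ports, identified services).
    """
    root = ET.fromstring(xml_text)
    hosts = []
    for host_el in root.findall("host"):
        status = host_el.find("status")
        if status is None or status.get("state") != "up":
            continue  # a host that never answered carries no port data
        addr_el = host_el.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        ports = []
        for port_el in host_el.findall("ports/port"):
            state_el = port_el.find("state")
            if state_el is None or state_el.get("state") != "open":
                continue  # closed/filtered ports are not services
            svc_el = port_el.find("service")
            svc = svc_el.attrib if svc_el is not None else {}
            ports.append({
                "port": int(port_el.get("portid")),
                "proto": port_el.get("protocol"),
                "service": svc.get("name"),
                "product": svc.get("product"),
                "version": svc.get("version"),
            })
        hosts.append({"ip": addr_el.get("addr"), "ports": ports})
    return hosts


def hosts_with_service(hosts, service_name):
    """Return the IPs of hosts exposing the named service (e.g. 'telnet')."""
    return [h["ip"] for h in hosts
            if any(p["service"] == service_name for p in h["ports"])]


if __name__ == "__main__":
    inventory = parse_nmap_xml(SAMPLE_NMAP_XML)
    for h in inventory:
        print(h["ip"], [(p["port"], p["service"]) for p in h["ports"]])
    print("hosts exposing telnet:", hosts_with_service(inventory, "telnet"))
```

Running this against real `nmap -oX` output works the same way; the point of keeping the filter separate from the parser is that the same host records can be queried repeatedly (by service, product, or version) without rescanning, which is how a project's host data is meant to be reused after a discovery scan.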