Those who all are into Security Consulting & Hacking `Ethical i forgot`, would agree to the points as listed below:
Many a times we are required to Penetrate into remote systems, however the normally available tools and so called professional commercial tools will just give up…
hardly you will be able to send a single packet into target network ??? how what goes wrong ???
well, there are many of them…
1>The ISP from the attackers(Pentester) is blocking all the required ports towards destination.
2>The Target ISP (victim) has blocked the ports
3>Load Balancers… A real pAiN in the A**,
4>WAF (Web App Firewall)
5>The Bandwidth & QoS
8>A HoneyPot Network
9>ASA with multiple defense.
those who solely rely on Metasploit’s default configuration (global), would have experienced timeouts when sending the exploit to the target,
all the videos available on the Internet which demonstrate the use of Metasploit are only shown using either VMWare/VirtualBox, which only mimics a network but on the same PC, there are no other factors which comes into play when using such networks, like the real world ones such as Link Flapping, Bandwidth issues, Fully Patched OS, Updated Anti’s…so on…
so, always make sure the exploits and the tests which you run are indeed worth working or elz you are just wasting the Man-hours… and you give nothing in your Management Report, leading to a false sense of Security…
Hope this helps…