Latest News

Popular

Linux-Tip News

We are proud to present Linux-Tip Europe. This page is designed to provide the Linux users community (not only in Europe) with news and articles that are of interest to them. It works by allowing members of the community to submit news and articles relating to Linux hardware and software. This same community can then decide what tips should be promoted based on what they consider to be the most important or interesting to the community by voting stories up and down. Stories that receive enough votes are promoted to the Linux-Tip Europe homepage. Bookmark and Share
 
Home
Using Nexpose Community Edition on Backtrack 4 Print E-mail
Wednesday, 28 April 2010
Article Index
Using Nexpose Community Edition on Backtrack 4
Running your first scan
Page 1 of 2
NeXpose from Rapid7 is a unified vulnerability solution that scans networks to identify the devices running on them and to probe these devices for vulnerabilities. It analyzes the scan data and processes it for reports.
The vulnerability checks in NeXpose identify security weaknesses in all layers of a network computing environment, including operating systems, databases, applications, and files. NeXpose can detect malicious programs and worms, identify areas in your infrastructure that may be at risk for an attack, and verify patch updates and security compliance measures.

With the  NeXpose Community Edition you are able to scan up to 32 IP addresses in your network at the same time. This workshop will show you, how to install NeXpose Community Edition on Backtrack 4.

Downloading the software

Download Nexpose Community Edition form here:
http://www.rapid7.com/vulnerability-scanner.jsp

After accepting the End User License Agreement you will get an e-mail with the download instructions and the product key which allows you to use this version for commercial and private scans. Use  md5sum according to the instructions sent, which helps to ensure that installers are not corrupted during download.
The following Nexpose installers are available:

  • NeXpose for Linux – 32-bit
  • NeXpose for Linux – 64-bit
  • NeXpose for Windows  –  32-bit
  • NeXpose for Windows  –  64-bit
Please keep in mind that Rapid7 does not support installation on Windows XP because of an issue related to this operating system sending packets over raw sockets.  For that reason, Windows users should use MS Windows Server 2003 SP2/ Server 2003 R2.

The following Linux Distributions are supported:

  • SUSE Enterprise Linux 9
  • Red Hat Enterprise Linux 4
  • Fedora 9 or later
  • Debian 4.0 or later
  • CentOS 4 or later
  • Ubuntu 7.10 or later

As penetration testers we are already using Backtrack 4. Make sure to have Backtrack 4 installed on your hard disk.

Installation

First things first: Store the downloaded file (NeXposeSetup-Linux32.bin) in the directory /tmp and set the correct permissions.

cd /tmp
chmod 755 NeXposeSetup-Linux32.bin

Additionally we need some packages that must be installed on Backtrack 4 first. Make sure to have a proper Internet connection and to use the following commands to update Backtrack 4 and to install the necessary packages:

apt-get update
apt-get upgrade
agt-get dist-upgrade

agt-get install libstdc++5
agt-get install xvfb
agt-get install xfonts-base
agt-get install xfonts-75dpi
agt-get install xserver-xorg
agt-get install libxtst6
agt-get install libxp6
agt-get install libxt6


Run the installer like this and follow the instructions.  Make sure to install NeXpose in the default directory /opt/rapid7/nexpose.

cd /tmp
./NeXposeSetup-Linux32.bin

According to your hardware, the installer needs some time to copy and configure everything.
During this process you must create a NeXpose account for the NeXpose administrator. Choose a username and password that is secure and easy to remember. You will need to use this account to configure the server after installing it.


Preparing the first run

You can run Nexpose first time using the following commands:

cd /opt/rapid7/nexpose/nsc/
./nsc.sh

The script will prepare the database and will import the vulnerability categories and data. According to your hardware and Internet connection, this will take some time.

 

Click image to open!

 

Let’s first install NeXpose as a daemon. In this case we have to copy the nexposeconsole.rc  file to the /etc/init.d directory, and give it the  daemon name nexpose:

cp /opt/rapid7/nexpose/nsc/nexposeconsole.rc   /etc/init.d/nexpose
chmod 755 /etc/init.d/nexpose


If you like to start the daemon automatically when the operating system starts, use the following command:

update-rc.d nexpose defaults

I prefer to start, stop and restart the daemon manually. For that reason I’m using the following commands:

/etc/init.d/nexpose start
/etc/init.d/nexpose stop
/etc/init.d/nexpose restart


The NeXpose Security Console communicates with NeXpose Scan Engines to start scans and retrieve scan information. All exchanges between the console and scan engines occur via encrypted SSL sessions. Use your favorite browser and the following URL:

https://localhost:3780

You will possibly  get an error message because of the security certificate. In this case just add an exception. You also should allow Java scripts to work if you have the “NoScript” addon installed.

If you don’t like NeXpose or you want to quit the evaluation, just uninstall it like this:

cd /opt/rapid7/nexpose/_uninst
./uninstaller.bin
rm –Rf  /opt/rapid7/nexpose
 

Click image to open!
Click image to open!
Click image to open!
Click image to open!
Click image to open!
Click image to open!
Click image to open!
Click image to open!

 


Prev - Next >>
 
Next >
[ Back ]

Main Menu

Home
News
Tips and Tricks
Workshops
Video-Tutorials
Search
Contact Us
Disclaimer

Who's Online

We have 1 guest online

Virus Info Feed

Alexa Traffic Stats

Sedo - Domains kaufen und verkaufen das Projekt linux-tip.eu steht zum Verkauf Besucherstatistiken von linux-tip.eu etracker® Web-Controlling statt Logfile-Analyse