• Nexpose
  • Overview
  • Features
  • Architecture & Open API
  • Try NeXpose
  • Buy NeXpose
  • System Requirements
  • Vulnerabilities Tested
  • NeXpose Information
• Solutions
  • Web Application VA
  • Database VA
  • Network & OS VA
  • Compliance Scanning
• Services
  • PCI Compliance Testing
  • Penetration Testing
  • Web Application Security Audits
  • Best Practices Consulting
  • Social Engineering
  • NeXpose Training
• Support
  • NeXpose FAQ
  • System Requirements
  • Support Form
  • Vulnerabilities Tested
  • Customer Center Login
• Security Center
  • Advisories
  • Vulnerabilities Tested
  • Compliance
  • White Papers & Articles
  • SSHredder Test Suite
• Company
  • Management
  • Customers
  • Partners
  • Press Room
  • Events
  • Contact
  • Careers
• Customers

• NeXpose FAQ
• System Requirements
• Support Form
• Vulnerabilities Tested
• Customer Center Login

NeXpose FAQ - Answers

Evaluation

Is it possible to evaluate NeXpose?

Yes, we offer free 20 day evaluations of NeXpose. To get your evaluation copy, go to the Rapid7 website and fill out a download request form. You will then receive an email from the “Download Request Manager” containing a link to download NeXpose. Click on the link and NeXpose will download to your computer.

How do I get an evaluation license for NeXpose extended?

Extended licenses are available upon request. To obtain an extended license for an existing or expired evaluation of NeXpose, you can submit a license request directly to Rapid7 by issuing the following command from the NeXpose server console: license request email@address.com where email@address.com is the email address you would like to receive the license. If the NeXpose server does not have direct Internet access, you can specify the name or address of your SMTP mail relay server as the next argument to the command. For prior versions of NeXpose, you must send the server serial number, as described in the section below.

How do I contact Rapid7 Technical Support?

Rapid7 Technical Support may be contacted by phone or email:

• Phone: 617.247.1717
• Toll free: 866 7 RAPID 7
• Email: Rapid7 support.

Pre-Deployment

What are the minimum system requirements for installation?

• Dedicated server with no IPS/IDS/Virus Scanning
• 1.5 GHz processor and later
• 2 GB RAM
• 80 GB + available disk space (10 GB minimum)
• 100Base-TX Network Interface Card

What operating systems does NeXpose run on?

NeXpose must run under one of the following operating systems:

• MS Windows Server 2000 or 2003
• Linux distributions:
  • RedHat Enterprise Linux (EL3 & EL4)
  • SUSE 9.x & 10.x
  • Fedora Core 4 & 5
  • Ubuntu 6.06
  • Debian 3.1

NeXpose is not supported on Windows XP SP2 due to restriction in accessing raw sockets.

OS X is currently not supported for the NeXpose server installation. The NeXpose server, however, may be installed on OS X Intel system using Parallels VMware. Rapid7 Technical Support will not provide support the VMware setup, but will support the NeXpose system itself.

Does NeXpose run on VMware?

NeXpose will run, and is supported, when installed on a properly configured VMware environment. Rapid7 does not support the installation or configuration of the VMware environment. This is due to the complicated setup process of VMware itself and actually establishing a optimum operating conditions. In VMware, we have seen the first run of NeXpose (which includes downloading updates and compiling databases) take up to an hour depending on how VMware is set up. If you are not experienced with VMware, we highly recommend installing on Windows 2000, Windows 2003, or Linux.

I want to evaluate or have already purchased NeXpose. How do I request a copy of the software?

To request a copy of the NeXpose software, go to the Rapid7 website and fill out a download request form. You will then receive an email from the “Download Request Manager” containing a link to download NeXpose. Click on the link and NeXpose will download to your computer.

When I click on my download link I receive the error: Invalid Download Request?

This generally means the one time use link has already been used to attempt a download. If the download is interrupted, the link will become invalid and a new Download Request will be required. If you have received this error with multiple/unique download links please contact Rapid7 Technical Support for further assistance.

How do I install on Windows?

Once the NeXpose download has completed, start the installer and then start the product (it will take a few minutes for the vulnerability definitions to compile). When the installation is complete, a message will appear 'Ready to browse to https:...' Open IE or Firefox and connect to the NeXpose browser-based interface.

How much bandwidth does NeXpose use?

On Average ~75Kbps using 75 threads with 30 simultaneous port scans. Using these settings it took about 2 hours to scan 3 class C's with 460 active devices.

How long does a scan take?

• Ping Sweep of 10 million IPs 5-10 hours: - This time depends on the physical distance and latency of the line between NeXpose and the target system. The assumption is approx. 150ms per IP.
• Port Scan of 3000 devices (default ports/SYN scan) 16-18 hours - This is relatively easy to predict since open ports do not affect the speed of a SYN scan. A full connect scan will be slower based on the number of open ports. Also varies based upon the distance between the devices and the latency on the line. The assumption is approx. 45 seconds per device.
• Vulnerability Scan of 1500 devices 15-20 hours - This widely varies based on the number of ports open per device. The more ports open on a machine the longer it will take to conduct the vulnerability scan. The assumption is approx. 2 minutes per device.

How does NeXpose ensure efficient bandwidth utilization?

NeXpose uses customizable scan templates and the user can specify the packet send delay, timeouts, maximum number of scan threads, and concurrent port scans. Furthermore, NeXpose will only run the vulnerability checks appropriate to the type of machine scanned (for example, no test specific to Linux operating systems will be run against a Windows machine.)

Copyright © 2001 - 2008, Rapid7, LLC. All Rights Reserved.

• Home
• |
• Nexpose
• |
• Solutions
• |
• Services
• |
• Support
• |
• Security Center
• |
• Company
• |
• Contact