NeXpose FAQ - Answers

Installation

What ports must be open in my firewalls for NeXpose to function?

  • To communicate with Rapid7's update server, NeXpose must be able to connect to the Internet on port 80. (Communications to the update server can be proxied. Distributed components do not require direct access to the Internet.)
  • To communicate with any distributed components, NeXpose must be able to connect to its Scanning Engines on port 40814. (This is the default port setting; it may be changed after the initial setup.)
  • To scan across firewalls without the use of distributed components, NeXpose requires an entry in the firewall's ACL that allows all traffic from the NeXpose Security Console's (NSC) IP address.
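A pre-flight check for the paths listed above (and for the firewall rules discussed under "Can I use NeXpose if I have a firewall?"). This is an added example, not Rapid7's code: it tests, from the Security Console host, that port 80 is reachable toward the update server (or the proxy that fronts it) and that each distributed Scan Engine answers on port 40814, and lists the targets that still need a firewall ACL entry. All hostnames are constructed placeholders.

```python
"""Connectivity pre-flight for a NeXpose Security Console (added example).

Checks the outbound path for updates (port 80, directly or via a proxy) and
the console -> Scan Engine path (port 40814 by default).  Hostnames used in
the __main__ block are constructed placeholders; substitute your own.
"""
import socket

UPDATE_PORT = 80       # outbound to Rapid7's update server, or to the proxy
ENGINE_PORT = 40814    # default console -> Scan Engine port (changeable after setup)


def tcp_reachable(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:            # refused, filtered (timeout) or unresolvable
        return False


def check_nexpose_paths(update_host, engines, update_port=UPDATE_PORT,
                        engine_port=ENGINE_PORT, timeout=3.0):
    """Check every network path the console depends on.

    update_host: the update server, or the HTTP proxy if updates are proxied.
    engines:     Scan Engine hostnames/IPs (empty list if none are deployed).
    Returns a dict mapping "host:port" -> reachable (bool).
    """
    results = {f"{update_host}:{update_port}":
               tcp_reachable(update_host, update_port, timeout)}
    for engine in engines:
        results[f"{engine}:{engine_port}"] = tcp_reachable(engine, engine_port, timeout)
    return results


def missing_paths(results):
    """Targets that failed: the firewall ACL entries (or proxy rules) still missing."""
    return sorted(target for target, ok in results.items() if not ok)


if __name__ == "__main__":
    # Constructed sample values; the proxy stands in for Rapid7's update server.
    checks = check_nexpose_paths("proxy.example.internal",
                                 ["engine-dmz.example.internal"])
    for target, ok in checks.items():
        print(f"{'OK  ' if ok else 'FAIL'} {target}")
    if missing_paths(checks):
        print("Add firewall entries for:", ", ".join(missing_paths(checks)))
```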

How do I get NeXpose to start automatically on Windows?

To get NeXpose to start automatically in Windows, a user with administrator-level access must log in to Windows and open the "Services" window under the Microsoft Management Console. There, find the service named "NeXpose Security Console" and set its startup type to "Automatic". This setting causes the NeXpose console to start automatically each time the server is rebooted.


All I see is a DOS prompt. How do I log in?

In Windows, the screen you are seeing is the NeXpose Command Console. At this point, open a web browser and direct it to the IP address of the machine and the port that NeXpose is bound to. For example, if your machine is 10.1.90.55 and the port is 3780, the URL would be "https://10.1.90.55:3780". Be sure to use HTTPS instead of HTTP. That brings up the login screen, where you enter the user name and password you defined in the initial setup.


How can I check to see if my NeXpose license is valid?

You can confirm whether your NeXpose license is valid via the console interface:

https://ipaddress:3780/admin/diag_console.html

Once in the console, type in the command "show licenses". This displays the expiration date of the licenses that are currently in use. If all your current licenses have expired, you can request a new license.


How do I request a new license?

You can request a new license via the NeXpose interface:

Administration --> NeXpose Security Console 'Manage' --> 'Request New License'

or, copy the Serial Number into an email and send it to Rapid7 support. A new license will be generated and staged for download during the next auto-update or restart.


How do I confirm a new license?

From the interface, there is a hidden diagnostic console window where you can access the NeXpose Security Console: https://ipaddress:3780/admin/diag_console.html. This window functions as the UI connection to the NeXpose Command Console. In this window, you can type in commands and click 'execute'. After each command is executed, the screen must be refreshed to prepare for the next command. The following commands force an update and display the license that NeXpose is using, respectively:

update now
show licenses

You should see the new license file displayed. Note: you may see the eval license in there as well, and that is fine as long as the new license is also listed. NeXpose always selects the "best" license for usage.


Can I use NeXpose if I have an IDS/IPS?

NeXpose complements an IDS/IPS very well, but two important allowances must be made.

  • NeXpose and the IDS/IPS cannot share the same server. Because of the way NeXpose functions, the IDS/IPS will cause scans to take extra time and be less reliable.
  • A rule must be created in the IPS/IDS to ignore all traffic from the NeXpose server’s IP address. If this rule is not created, the IPS/IDS will treat NeXpose as a threat and attempt to defeat the scans.

Can I use NeXpose if I have a firewall?

You can perform NeXpose scans through your firewall with proper configuration:

  • To scan across firewalls without the use of distributed components, NeXpose requires an entry in the firewall's ACL that allows all traffic from the NeXpose Scan Console's IP address across the firewall.
  • You can bypass the firewall entirely by taking advantage of NeXpose's distributed architecture: place a remote Scanning Engine on the other side of the firewall, or use the Hosted Scanning Engine for outward-facing devices.

Rapid7 can assist in this setup process but if you cannot release your firewall configuration to us, it will be difficult for us to assist you. If this is the case, you have several options available to you:

  • Rapid7 will be happy to sign a non-disclosure agreement with your company so that we may receive confidential information that will enable us to further assist you. We have a standard NDA form that we can provide you, or you can provide your own.
  • Alternatively, you can contact your hardware/software vendor for support.

How do I change the default session timeout of the Web User Interface?

To change the timeout, select the "Administration" tab and then click the "Manage" NeXpose Security Console hyperlink. Then select the "Web Server" tab on the left side and change the default "Session Timeout" value.


How do I initiate a manual update? How do I know if NeXpose is updating?

From the interface, there is a hidden diagnostics console window where you can access the NeXpose Security Console:

https://ipaddress:3780/admin/diag_console.html

In this window, you can type in commands and click 'execute'. The following command forces an update:

update now

Once the command has executed, select the "Administration" tab and then click the "Manage" NeXpose Security Console hyperlink to display the current version of NeXpose.

For further information, return to the diagnostics console and execute the command "version". This returns more detailed information about the current revision level of the console.