I am new to Nexpose, scanned my machine and it is reporting obsolete Windows. Winver shows Version 1607 (OS Build 14393.2969) and further down Win10 Enterprise 2016 LTSB. So if I am running LTSB, is Nexpose not detecting it and reports as obsolete? Should/can it be detecting LTSB? Thanks.
Posted by Christopher Marcus 4 months ago
Hey guys, I have issue with initiate scan from API, after adding assets to site using API. when I tried to start a scan for the added assets its return the assets doesn't exist in the site error 400. but from the user interface I can see the asset was added in the right site. what could be the problem? If I added an asset from the user interface and initiate scan from API it works.
Posted by Ibrahim 4 months ago
Does InsightVM has the ability to scan ECS Clusters - running instances (hosts) and containers inside them? We have a scan engine running and with open ingress to a test ECS Cluster with running containers - however, InsightVM is not able to scan it or report back any running containers. The ECS instance shows up on the scans and I can see it's IP and DNS Name but nothing else - not even the OS version. P.S - The scans run fine for EC2 instances.
Posted by Rachit Singhal 4 months ago
I am trying to run a report of vulnerabilities that can get shell without any user interaction. I tried to run a report on "remote execution", but it included exploits against Adobe and Java that require users to click a link or open a document, and excluded vulnerabilities such as SSH credential is "admin/admin" Anyone have a strategy for this?
Posted by WIlliam Stuart 4 months ago
Hey guys, is there a way to retrieve scan results (including found vulnerabilities not just general statistic as API V3 returns now) by giving scan id using API calls? Thank you
Posted by Ibrahim 4 months ago
I created a scan template to check against a specific CVE but whenever I try to start a scan with this template, the scan fails on the engine with an error code of null. Is there something else that I need to enable to scan for individual CVEs?
Posted by Josh Rice 4 months ago
Hi! I am trying to create a remediation project to ensure the scan credentials are successfully distributed. I want to follow the progress that's why I use remediation project instead the goals and sla feature. When I put the asset filter asset.credentialSuccessStatus IS NULL AND, the vulnerability filter is mandatory and no matter what filter I use the number of assets matching the condition decreases so I will get a lower number of assets meeting the criteria. Is it possible to skip the vulnerability filter or what query should I use to skip this? Thank you!
Posted by Adrian Borlea 4 months ago
I see this pie chart on the vulnerabilities page, but I cannot find anywhere that they are broken out in detail. It says I have 2 that are novice level, but what 2 are they? There is no option to filter on anything that is mentioned in the pie chart. Has anyone figured out a way to tell what vulnerabilities break down to what Skill Level?
Posted by Kerry LeBlanc 4 months ago
Is anyone else getting errors that come up like the one i have attached. I found why its happening, but its not ideal for me to change permissions for the user. It seems this user is added two several sites and asset groups. He is trying to scan particular asset which is in both sites. One site is my master site only for admins. The other for general users. He gets this error attached when trying to scan a asset but doesn't have permission to my master site. If i give him access to both hes good. But my master site is only for admins. Any thoughts?
Posted by Vanessa villalpando 4 months ago
Has anyone seen this error in their logs? We are finding that these machines are not checking into the console. [WinError 10053] An established connection was aborted by the software in your host machine 2019-05-14 22:55:54,541 [INFO] [agent.agent_socket.AGS.51966864.cmsgpack://endpoint.ingress.rapid7.com:443]: Resolver found 3 resolved entries for endpoint.ingress.rapid7.com 2019-05-14 22:55:54,542 [INFO] [agent.agent_socket]: Setting resolver entry retention to 300s before next refresh for server 'endpoint.ingress.rapid7.com' 2019-05-14 22:55:54,543 [INFO] [agent.agent_socket.AGS.51966864.cmsgpack://endpoint.ingress.rapid7.com:443]: Setting non-TLS timeout to 10s 2019-05-14 22:55:54,546 [INFO] [agent.agent_socket.AGS.51966864.10.87.xx.xx:51058<->cmsgpack://188.8.131.52:443]: Initial connection established. 2019-05-14 22:55:54,548 [WARNING] [agent.agent_socket.AGS.51966864.10.87.xx.xx:51058<->cmsgpack://184.108.40.206:443]: SocketTracker-endpoint.ingress.rapid7.com:443 attempt 1 - Failed: [WinError 10053] An established connection was aborted by the software in your host machine 2019-05-14 22:55:54,549 [WARNING] [agent.agent_socket.SMT.51968488.endpoint.ingress.rapid7.com:443]: Non-responsive - jailing for 54s
Posted by Joseph Gothelf 4 months ago
I am receiving an error when I log into my InsightVM console. The error says the following. An error occurred while retrieving or submitting data. I am not getting my agents populated in the console, I don't know if this error has anything to do with it. What should I look at to resolve this as we are very very new to the Insight platform. Thank you, Tony
Posted by Tony DeMarco 4 months ago
Hello, I'm running Metasploit on windows server 2008, when i try to open the web UI it gets stuck I've checked the services and noticed "metasploitPostgreSQL" isn't running when i try to start it, it stops automatically. could this be why my metasploit isn't working? Kindly assist. Thanks
Posted by Wale Jose 4 months ago