My understanding is that both need to be installed. One place suggests using two computers for this. I can do that but wonder if it's really necessary or even somehow "better" to work with. My objective is to do a fairly infrequent external pen test. If they are installed on the same machine, then what things might one need to watch out for and/or do to tailor things?
Posted by Fred Marshall 2 years ago
Hello Experts, I have multiple sites defined in Nexpose with assets and asset groups in them. Now I am trying to write an SQL query in order to fetch fields like vulnerability name and CVSS score of all the vulnerabilities found in all the sites in the most recent scan; we have scheduled scans for our sites. Your help is highly appreciated. Thanks
Posted by Frank 2 years ago
I can't access localhost anymore after Windows update. Running Windows 10 Pro, 16 Gig RAM, 64-bit. Can you reinstall the software? Will that clear the database/project?
Posted by Stan Spears 2 years ago
I was creating a spreadsheet to use the algorithm identified on the below page so I can better estimate the scan time for my sites and readjust their schedules. I noticed, however, that something is wrong in the KB article. The algorithm states: 105 (number live assets) X 65535 (number of ports to be scanned) X 1 (maximum retries) / 200 (minimum packets per second) / 60 seconds = 1146.86 minutes to scan. However, the math actually returns 573.43, which would've been the result if you multiply by 200 packets per second, divided by 2. So is the stated algorithm correct with an incorrect answer, or is the answer correct with an incorrect algorithm? https://kb.help.rapid7.com/docs/measuring-scan-performance-and-time
Posted by David Howell 2 years ago
After lots of difficulties I was able to install Nexpose on my Kali machine, and was able to log in with username and password and was able to create a site only. Later I went for a break and came back to log in to the web console, i.e. 127.0.0.1:3780; it says username and password is invalid. In the background a script is running saying password change detected, go and check /opt/rapid7/nexpose/nsc/logs/collecter.logs. I am the only one who has the credentials to access the OS and, later, Nexpose; how can it be changed by itself? Is this Nexpose vulnerable? Someone hacked it? Or what?
Posted by Himanshu Dua 2 years ago
Hi, when I try to add Office 365 as a data source, I get an error. After I click the begin button, I am redirected to the Office 365 authorization page. When I click the confirm button, I am redirected to a Rapid7 webpage that says: "Whoops! An error has occured". I found nothing relevant in the collector's log. What could be the problem?
Posted by Luca 2 years ago
I've gotten NT AUTHORITY\SYSTEM on a system by migrating into lsass.exe, but when I run the command "getprivs", as a result I get an "Operation Timed Out" even when UAC is disabled. I don't understand why. Any information will be greatly appreciated.
Posted by Spectre 2 years ago
I am trying to set up Endpoint monitoring in Scan Mode for one of our new sites. The collector sees a number of clients, but all of them are returning an error of "NO_DATA". I can't seem to find any resources on how to troubleshoot this issue.
Posted by Trey.Bushart 2 years ago
Is everyone aware that Nexpose will not detect the Apache Struts 2 vulnerability that bit Equifax? We've got a vulnerable machine stood up and no discovery, even with a credentialed scan. They say it's a "bug". Pretty big bug, I would say.
Posted by Fred Smith 2 years ago
I'm trialling InsightIDR; have set up various Data Collection sources; one being O365. Tenant ID all in and it initially worked; however it now keeps stating "Failed to fetch events from office365". I can stop/start and the status goes Green however then turns swiftly back to failed. And the latest entry in the 'raw log' stays the same from this point forward. Have tried editing and resubmitting the user creds. No joy. I tried this the past few days on a Linux box; this morning I've deployed a Windows box and the same issue occurs. Thanks
Posted by Neil M 2 years ago
I get this error with a simple scan for one subnet, running this engine on Windows 10 Ent.: Failed (java.io.IOException: The Nmap exit value is not zero: 255 at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source) at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source) at com.rapid7.nexpose.scan.Scan.start(Unknown Source) at com.rapid7.nexpose.scan.Scan.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) ) I am open to any suggestions. Thanks, Joshua
Posted by Joshua 2 years ago
Lots of questions on this: Does anyone do this? If so, did you see a major impact to implementing this? Do you know of a way to determine how many hosts currently would be able to use this (like a report that shows that the service is disabled)? What specific service(s) are enabled?
Posted by Trevor Steen 2 years ago