Technical FAQ¶
1. What are the main components of NeXpose?¶
NeXpose consists of two main components:
- NeXpose Scan Engines
- Scan Engines perform asset discovery and vulnerability detection operations. In the enterprise edition of NeXpose they can be deployed outside your firewall, within your secure network perimeter, or inside your DMZ to scan any network asset. In the community edition, there is one local scan engine.
- NeXpose Security Console
- The console communicates with NeXpose Scan Engines to start scans and retrieve scan information.
- The console includes a Web-based interface for configuring and operating NeXpose.
2. What ports are required to be open on my firewall in order for NeXpose to function?¶
- In order to download vulnerability checks and feature updates from a server you will need
- outbound open on port 80 to updates.rapid7.com
- In order to provide Web interface access to NeXpose users you will need
- inbound over port 3780; console accepts HTTPS requests
3. How do I connect to my instance of NeXpose?¶
Browse to https://<yourip>:3780 and login to NeXpose.
4. How do I know if my version of NeXpose is up to date?¶
Currently, it is not possible to find out what the current version of NeXpose is by looking through the Web interface. NeXpose automatically installs software updates on a regular basis. To ensure that you are using the current version, enter the update now command any time on the admin/diag_console.html page of the NeXpose Security Console Web interface.
To find out what version of NeXpose is running, enter the command ver or version on the admin/diag_console.html page.
5. Can I import an arbitrary certificate that I generated?¶
The signed certificate must be based on a NeXpose-generated certificate signing request (CSR). Within NeXpose, you cannot import an arbitrary key pair/certificate that you generated. NeXpose, by default, uses a self-signed X.509 certificate, which is created during installation. You can replace this certificate with a custom, self-signed certificate or with a certificate signed by a trusted certification authority (CA), such as VeriSign, Thawte, or your own CA.
6. What can I search for using the search functionality?¶
7. What do I need to do prior to installing on Backtrack 4?¶
See Common Errors 1. The following error appears when initiating NeXpose (i.e. ./nsc.sh) "Failed to init login module: org.postgresql.util.PSQLException: ERROR: relation "auth_source" does not exist"