Vulnerability Scanning
37
Figure 4-1: Vulnerability scan results against the target web server
Scanning with NeXpose
NeXpose is Rapid7’s vulnerability scanner that scans networks to identify
the devices running on them and performs checks to identify security weak-
nesses in operating systems and applications. It then analyzes the scan data
and processes it for inclusion in various reports.
Rapid7 offers multiple versions of NeXpose, but we’ll use the Community
edition because it’s free. If you plan to use NeXpose commercially, see the
Rapid7 site (
http://www.rapid7.com/vulnerability-scanner.jsp
) for information
on the various versions and their capabilities and pricing.
Our target for scanning will be a default installation of Windows XP SP2
as configured in Appendix A. We will first perform a basic overt scan of our
target and import the vulnerability scan results into Metasploit. We will close
out this section by showing you how to run a NeXpose vulnerability scan
directly from
msfconsole
rather than using the web-based GUI, eliminating the
need to import a scan report.
Configuration
After installing NeXpose Community, open a web browser and navigate to
https://<youripaddress>:3780
. Accept the NeXpose self-signed certificate, and
log in using the credentials you created during setup. You should next be
presented with an interface similar to the one shown in Figure 4-2. (You’ll
find complete installation instructions for NeXpose at the Rapid7 website.)
On the NeXpose main page, you will notice a number of tabs at the top
of the interface:
z
The Assets tab displays details of computers and other devices on your
network after they have been scanned.
z
The Reports tab lists vulnerability scan reports after they have been
generated.
z
The Vulnerabilities tab gives you details on any vulnerabilities discov-
ered during your scans.
z
The Administration tab allows you to configure various options.