38
Chapter 4
Figure 4-2: The NeXpose’s initial home screen
Buttons in the main body of the page let you perform common tasks
such as creating a new site or setting up a new vulnerability scan.
The New Site Wizard
Prior to running a vulnerability scan with NeXpose, you need to configure a
site
—a logical collection of devices such as a specific subnet, a collection of
servers, or even a single workstation. These sites will then be scanned by
NeXpose, and different scan types can be defined for a particular site.
1.
To create a site, click the
New Site
button on the NeXpose home page,
enter a name for your site and a brief description, and then click
Next
.
2.
In the devices step, shown in Figure 4-3, you have quite a bit of granular-
ity in defining your targets. You can add a single IP address, address ranges,
hostnames, and more. You can also declare devices, such as printers, to
exclude from scans. (Printers frequently don’t take kindly to being scanned.
We have seen instances in which a simple vulnerability scan caused more
than one million pages of pure black to be placed in the queue to print!)
Click
Next
when you have finished adding and excluding devices.
3.
At the scan setup step, you can choose from several different scan tem-
plates, such as Discovery Scan and Penetration test; select the scanning
engine you want to use; or set up an automated scanning schedule. For
purposes of this initial walk-through, keep the default selections and
click
Next
to continue.
4.
Add credentials for the site you want to scan, if you have them. Credentials
can help create more accurate and complete results by performing in-
depth enumeration of installed software and system policies on the target.
5.
On the Credentials tab, click the
New Login
button, type a username
and password for the IP address you want to scan, and then click
Test
Login
to verify your credentials then save them.