Chapter 4

Figure 4-2: The NeXpose’s initial home screen

Buttons in the main body of the page let you perform common tasks such as creating a new site or setting up a new vulnerability scan.

The New Site Wizard

Prior to running a vulnerability scan with NeXpose, you need to configure a site—a logical collection of devices such as a specific subnet, a collection of servers, or even a single workstation. These sites will then be scanned by NeXpose, and different scan types can be defined for a particular site.

1. To create a site, click the New Site button on the NeXpose home page, enter a name for your site and a brief description, and then click Next.

2. In the devices step, shown in Figure 4-3, you have quite a bit of granularity in defining your targets. You can add a single IP address, address ranges, hostnames, and more. You can also declare devices, such as printers, to exclude from scans. (Printers frequently don’t take kindly to being scanned. We have seen instances in which a simple vulnerability scan caused more than one million pages of pure black to be placed in the queue to print!) Click Next when you have finished adding and excluding devices.

3. At the scan setup step, you can choose from several different scan templates, such as Discovery Scan and Penetration test; select the scanning engine you want to use; or set up an automated scanning schedule. For purposes of this initial walk-through, keep the default selections and click Next to continue.

4. Add credentials for the site you want to scan, if you have them. Credentials can help create more accurate and complete results by performing in-depth enumeration of installed software and system policies on the target.

5. On the Credentials tab, click the New Login button, type a username and password for the IP address you want to scan, and then click Test Login to verify your credentials, and then save them.
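
The include and exclude lists from step 2 can be checked before a scan is launched. The following is an added example (not from the book and not NeXpose code) that resolves a site's included entries minus its exclusions and reports exclusions that match no included address, such as a mistyped printer IP. The entry syntax, function names, and all addresses are assumptions constructed for illustration; hostnames are left out because resolving them needs DNS.

```python
import ipaddress

# Constructed sample site definition (not real hosts).
SAMPLE_INCLUDED = ["192.168.1.0/28", "192.168.1.100-192.168.1.105", "192.168.1.200"]
SAMPLE_EXCLUDED = ["192.168.1.5",                  # printer
                   "192.168.1.102-192.168.1.103",  # fragile devices
                   "192.168.10.50"]                # typo: outside every included entry

MAX_ENTRY_SIZE = 65536  # refuse entries that would expand to a huge address set


def expand(entry):
    """Expand a single IP, an 'a-b' range, or a CIDR block into a set of addresses."""
    entry = entry.strip()
    if "-" in entry:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if lo.version != hi.version or lo > hi:
            raise ValueError(f"invalid range: {entry}")
        if int(hi) - int(lo) >= MAX_ENTRY_SIZE:
            raise ValueError(f"range too large: {entry}")
        return {type(lo)(i) for i in range(int(lo), int(hi) + 1)}
    if "/" in entry:
        net = ipaddress.ip_network(entry, strict=False)
        if net.num_addresses > MAX_ENTRY_SIZE:
            raise ValueError(f"network too large: {entry}")
        return set(net.hosts())  # for IPv4, omits network and broadcast addresses
    return {ipaddress.ip_address(entry)}


def resolve_scope(included, excluded):
    """Return (targets, unused): addresses left to scan, and exclusions matching nothing."""
    inc = set()
    for entry in included:
        inc |= expand(entry)
    exc, unused = set(), []
    for entry in excluded:
        addrs = expand(entry)
        if not addrs & inc:
            unused.append(entry)  # likely a typo: the device it names is not protected
        exc |= addrs
    targets = sorted(inc - exc, key=lambda a: (a.version, int(a)))
    return targets, unused


if __name__ == "__main__":
    targets, unused = resolve_scope(SAMPLE_INCLUDED, SAMPLE_EXCLUDED)
    print(f"{len(targets)} addresses in scope")
    for entry in unused:
        print(f"warning: exclusion {entry} matches no included address")
```

An exclusion that matches nothing is worth a second look, because the device it was meant to protect may still be in scope under its real address.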