Rapid7 NeXpose Community Edition on BackTrack 4

After my first adventure with installing NeXpose Community Edition on Windows, I thought I’d give it a go on a Linux distribution (BackTrack). I did a Google search for a NeXpose Community Edition on BackTrack installation guide and found this excellent guide with step-by-step installation instructions (also available as PDF download).

If you haven’t installed BackTrack yet, you can download the BackTrack 4 VMware image from the official website and start from there, although I did experience some performance issues using NeXpose in VMware on my laptop and decided to install NeXpose on my physical BackTrack installation.

Here’s a summary of the steps required to install NeXpose:

apt-get install libstdc++5
cd /pentest/exploits/framework3
svn update
wget -t 0 -c http://download2.rapid7.com/download/NeXpose-v4/NeXposeSetup-Linux32.bin
chmod +x ./NeXposeSetup-Linux32.bin
./NeXposeSetup-Linux32.bin
cd /opt/rapid7/nexpose/nsc
./nsc.sh

After completing these steps, you should be able to access the main NeXpose interface by browsing to https://127.0.0.1:3780/home.html

Some initial thoughts after using NeXpose for a handful of internal network scans:

- In scans I performed against some internal systems, NeXpose identified the same or more vulnerabilities than Nessus

- The reporting includes extensive information such as vulnerability references and links to patches.  What I am missing is a section in the report with a clear overview of vulnerabilities per system.

I ran into some issues after installing NeXpose. I list them here as a reference to help you troubleshoot in case you experience them too:

Not enough memory

After installing NeXpose in a BackTrack 4 VMware image I executed a test scan of 1 host on my local network. During the scan, NeXpose automatically paused the scan and displayed an error message that not enough memory was available on the scanning system. In VMware I increased the memory assigned to BackTrack 4 from 768 MB of RAM to 1024 MB of RAM. Since then, I haven’t run into this error anymore.

You have exceeded the licensed number of devices that can be scanned, or you are not authorized to scan this device range.

Entering the license key only during the NeXpose installation is not sufficient. You have to enter your license key a second time after installing NeXpose on the following page of the NeXpose web interface: https://127.0.0.1:3780/admin/nsc.html

After entering my license key for a second time on this page, I ran into the same error message again when trying to scan my local subnet 192.168.0.1 – 192.168.0.254. Unfortunately NeXpose Community Edition is limited to scanning a maximum of 38 hosts.
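
A pre-flight check for the "Not enough memory" and licensed-device-limit errors described above, as an added example that is not part of the original post or of NeXpose. The function names are hypothetical, the host limit is the figure stated in the post, and the 900 MB default is an assumption chosen to sit between the 768 MB that failed and the 1024 MB that worked.

```shell
#!/bin/sh
# Added example: checks a target range and the scanner's RAM before starting a scan.

# Dotted-quad IPv4 address -> integer (subshell body keeps variables local).
ip_to_int() (
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( $a * 16777216 + $b * 65536 + $c * 256 + $d ))
)

# Number of addresses in an inclusive START END range.
range_host_count() {
    echo $(( $(ip_to_int "$2") - $(ip_to_int "$1") + 1 ))
}

# Total RAM in MB from a meminfo-format file (default /proc/meminfo).
mem_total_mb() {
    awk '/^MemTotal:/ { print int($2 / 1024) }' "${1:-/proc/meminfo}"
}

# preflight START END [MAX_HOSTS] [MIN_MB] [MEMINFO_FILE]
# Returns 0 when both checks pass, 1 otherwise.
preflight() {
    max_hosts=${3:-38}   # host limit as stated in the post
    min_mb=${4:-900}     # assumption: MemTotal reads a little below the assigned RAM
    rc=0
    hosts=$(range_host_count "$1" "$2")
    mem=$(mem_total_mb "${5:-/proc/meminfo}")
    if [ "$hosts" -gt "$max_hosts" ]; then
        echo "FAIL: $1-$2 is $hosts hosts, limit is $max_hosts; split the range" >&2
        rc=1
    fi
    if [ "$mem" -lt "$min_mb" ]; then
        echo "FAIL: ${mem} MB RAM is below ${min_mb} MB; the scan may pause" >&2
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $hosts hosts, ${mem} MB RAM"
    return "$rc"
}

# Run the check only when a range is given on the command line.
if [ "$#" -ge 2 ]; then
    preflight "$@"
fi
```

Saved under a name of your choice and run with `192.168.0.1 192.168.0.254` as arguments, it reports 254 hosts against the limit before the scan is started.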

Could not activate product: Product activation failed (License cannot be activated. Please contact support.

I ran into this issue with the initial NeXpose serial number I had obtained.  I reported this problem to Rapid7, and they provided me with a new serial number that worked flawlessly.
