CentOS7下安装著名商业漏洞扫描工具Nexpose_6.6.156

Nexpose简单介绍

Nexpose 是 Rapid7 出品，一款著名的、极佳的商业漏洞扫描工具。

• 跟一般的扫描工具不同，Nexpose自身的功能非常强大，可以更新其漏洞数据库，以保证最新的漏洞被扫描到。
• 漏洞扫描效率非常高，对于大型复杂网络，可优先考虑使用；
• 可以给出哪些漏洞可以被 Metasploit Exploit，哪些漏洞在 Exploit-db 里面有 exploit 的方案。
• 可以生成非常详细的，非常强大的 Report，涵盖了很多统计功能和漏洞的详细信息。

(图片点击放大查看)

(图片点击放大查看)

下面介绍在CentOS7下安装商业漏洞扫描工具Nexpose_6.6.156(Linux  pojie版)

建议CentOS7服务器分配的内存>=16GB

1、上传安装包后，给安装脚本执行权限，并进行安装

license.lic
Nexpose_6.6.156.0_Linux_installer.bin
nse.jar
nxshared.jar

(图片点击放大查看)

(图片点击放大查看)

chmod +x Nexpose_6.6.156.0_Linux_installer.bin 
./Nexpose_6.6.156.0_Linux_installer.bin -cs

2、复制pojie文件到/opt/rapid7/nexpose/shared/lib

cp nse.jar /opt/rapid7/nexpose/nse/lib 
cp nxshared.jar /opt/rapid7/nexpose/shared/lib

3、访问web界面https://IP:3780/

(图片点击放大查看)

如果访问不了，需要检查服务是否已经启动，如果没有启动需要输入下面命令

systemctl start nexposeconsole

查看实时日志

tail -f /opt/rapid7/nexpose/nsc/logs/nsc.log

查看更新的实时日志

tail -f /opt/rapid7/nexpose/nsc/logs/update.log

4、防火墙放开3780 Web端口

firewall-cmd --permanent --znotallow=public --add-port=3780/tcp
firewall-cmd --reload

5、Web登录后修改语言

并导入许可证文件

(图片点击放大查看)

(图片点击放大查看)

(图片点击放大查看)

6、扫描测试

(图片点击放大查看)

下面为安装过程

[root@centos ~]# cd /opt
[root@centos opt]# cat /etc/redhat-release 
CentOS Linux release 7.9.2009 (Core)
[root@centos opt]# getenforce 
Disabled
[root@centos opt]# ls -l
total 1388272
-rw-r--r-- 1 root root       4689 Jun 20 10:34 license.lic
-rw-r--r-- 1 root root 1416931948 Aug 18 06:23 Nexpose_6.6.156.0_Linux_installer.bin
-rw-r--r-- 1 root root     688881 Aug 18 07:01 nse.jar
-rw-r--r-- 1 root root    3953148 Aug 18 07:01 nxshared.jar
[root@centos opt]# chmod +x Nexpose_6.6.156.0_Linux_installer.bin
[root@centos opt]# ./Nexpose_6.6.156.0_Linux_installer.bin -c
Unpacking JRE ...
Starting Installer ...


********************************************************************************
Welcome to the Rapid7 Installation Wizard
********************************************************************************

Rapid7 Vulnerability Management reduces your organization's risk by
dynamically collecting data and analyzing risk across vulnerabilities,
configurations and controls from the endpoint to the cloud. Our
vulnerability management platform is engineered to enable IT security teams
to identify, assess and respond to critical change as it happens.

Rapid7 Inc
http://www.rapid7.com
[email protected]
+1.866.7RAPID7 (Toll Free)
+1.617.247.1717

Do you want to continue?
Yes [y, Enter], No [n]
y

Gathering system information....

Security Console with local Scan Engine
If you do not have a console installed yet, this option is recommended. The console manages scan engines and all administrative operations.

Scan Engine only
This distributed engine can start scanning after being paired with a Security Console.

Select only the set of components you want to install:
Security Console with local Scan Engine [1, Enter]
Scan Engine only [2]


Where should Rapid7 Vulnerability Management be installed?
[/opt/rapid7/nexpose]

The partition containing /opt/rapid7/nexpose does not meet
the recommended amount of free space to install the software.

56.35 GB was found, 80 GB is recommended.

The installation can continue, but insufficient drive space will impact
the long-term operation of software as your stored data increases.
Continue [c, Enter], Back [b]



********************************************************************************
The installer is comparing your system settings to required settings
********************************************************************************

Installation requirements
[Warn] - 7,808 MB RAM was detected. 8,192 MB RAM is recommended.
        See the list of supported versions.
        http://www.rapid7.com/products/nexpose/system-requirements

[Pass] - SELinux is not active.
[Pass] - Software is not running.
Ports and connectivity
Not checked.
[Pass] - Port 3780 is available.
[Warn] - The update server could not be accessed.

Minimum requirements met. Select "Yes" to continue, "No" to cancel installation.
Yes [y, Enter], No [n]
y
Database port
Enter the number for the port that the database will listen on:
[5432]


The port number is valid.


********************************************************************************
User Details: This information will be used for generating SSL certificates, and it will be included in requests to Technical Support. Only alphanumeric characters and spaces are allowed in the name fields.
********************************************************************************

First name:
[]
yuan   
Last name:
[]
fan
Company:
[]
IT


********************************************************************************
Credentials: Choose secure credentials and remember them. You will need them to perform configuration steps after completing the installation.
********************************************************************************

Credentials: Choose secure credentials and remember them. You will need them
to perform configuration steps after completing the installation.
User name:
[]
yuanfan

Password:


Confirm the password:


Require password reset upon login?
Yes [y], No [n, Enter]
n
WARNING: The provided password does not meet complexity suggestions.

It is strongly recommended that you choose a password which does not contain the username.
Fix [f, Enter], Ignore [i]
i


********************************************************************************
Confirm or change your installation selections
********************************************************************************



********************************************************************************
Additional Tasks Selection
********************************************************************************

You have selected the following installation location:
/opt/rapid7/nexpose

You have selected the following component(s) to install:
Security Console, Scan Engine

You have entered the following contact information:
yuan fan,  IT

You have created the following user name:
yuanfan

Select any additional installation tasks.
Initialize and start after installation?
Yes [y], No [n, Enter]




********************************************************************************
Extracting files...
********************************************************************************

Extracting files...
                                                                           


********************************************************************************
Installation is complete!
********************************************************************************

Installation is complete!

If you chose to start the Security Console as part of the installation, then it will be started upon installer completion.

Using the credentials you created during installation, log onto Nexpose at https://localhost:3780.


To start the service run: sudo systemctl start nexposeconsole.service


To start the service run: sudo systemctl start nexposeconsole.service
The Security Console is configured to automatically run at startup. See the
installation guide if you wish to modify start modes.

[Enter]

Finishing installation...
[root@centos opt]# cp nse.jar /opt/rapid7/nexpose/nse/lib && cp nxshared.jar /opt/rapid7/nexpose/shared/lib
cp: overwrite ‘/opt/rapid7/nexpose/nse/lib/nse.jar’? yes
cp: overwrite ‘/opt/rapid7/nexpose/shared/lib/nxshared.jar’? yes
[root@centos opt]# systemctl start nexposeconsole.service 
[root@centos opt]# systemctl status nexposeconsole.service 
● nexposeconsole.service - Security Console Service
   Loaded: loaded (/etc/systemd/system/nexposeconsole.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2022-10-23 12:26:51 CST; 42s ago
  Process: 2343 ExecStart=/opt/rapid7/nexpose/nsc/nexposeconsole.rc start (code=exited, status=0/SUCCESS)
 Main PID: 2358 (nsc.sh)
   CGroup: /system.slice/nexposeconsole.service
           ├─2358 /bin/sh /opt/rapid7/nexpose/nsc/nsc.sh
           └─2572 ./.DLLCACHE/nexserv -className=com/rapid7/nexpose/nsc/NSC

Oct 23 12:26:40 centos.walkingcloud.cn systemd[1]: Starting Security Console Service...
Oct 23 12:26:41 centos.walkingcloud.cn nexposeconsole.rc[2343]: nohup: failed to run command ‘/usr/X11R6/bin/Xvfb’: No such file…rectory
Oct 23 12:26:51 centos.walkingcloud.cn nexposeconsole.rc[2343]: Starting NeXpose security console: [  OK  ]
Oct 23 12:26:51 centos.walkingcloud.cn systemd[1]: Started Security Console Service.
Oct 23 12:26:53 centos.walkingcloud.cn useradd[2634]: new group: name=nxpgsql, GID=1000
Oct 23 12:26:53 centos.walkingcloud.cn useradd[2634]: new user: name=nxpgsql, UID=1000, GID=1000, home=/opt/rapid7/nexpose/nsc/...n/bash
Oct 23 12:26:56 centos.walkingcloud.cn su[2667]: (to nxpgsql) root on none
Oct 23 12:26:56 centos.walkingcloud.cn su[2675]: (to nxpgsql) root on none
Oct 23 12:26:56 centos.walkingcloud.cn su[2684]: (to nxpgsql) root on none
Oct 23 12:26:57 centos.walkingcloud.cn su[2701]: (to nxpgsql) root on none
Hint: Some lines were ellipsized, use -l to show in full.
[root@centos opt]# firewall-cmd --permanent --znotallow=public --add-port=3780/tcp
success
[root@centos opt]# firewall-cmd --reload
success
[root@centos opt]# tail -f /opt/rapid7/nexpose/nsc/logs/update.log