NeXpose - Pairing An Engine

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
24 minutes
Difficulty
Beginner
Video Transcription
00:00
>> In this tutorial, I'm going
00:00
be walking you through adding
00:00
and pairing a distributed engine in NeXpose.
00:00
Once you login, click on
00:00
the "Administration" tab and go
00:00
down to where it says
00:00
NeXpose scan engines, and click on "Create".
00:00
This will bring you to
00:00
the scan engine configuration wizard.
00:00
Before you go to add your engine,
00:00
make sure you've already put in place
00:00
the appropriate firewall rules
00:00
to allow the connections to be made.
00:00
From the console, you will need outbound over
00:00
TCP port 40814 and
00:00
on the engine that you'll be connecting,
00:00
you'll need inbound over TCP port 40814.
00:00
For a full listing of all firewall
00:00
>> rules that you should
00:00
>> need for both your console and engine,
00:00
please see the NeXpose quick install guide.
00:00
I'll include a link to that guide
00:00
in the description of the video.
00:00
Once you have those rules put in place,
00:00
go ahead and pick a name for your engine.
00:00
This could be anything you like.
00:00
Most likely with an engine,
00:00
it's going to be a location.
00:00
I'll go ahead and just choose the location of mine.
00:00
Then put the address of the engine.
00:00
The default for everything else should be fine.
00:00
If you do want, you can choose to add
00:00
the sites now or you can do it later at any time.
00:00
For this, I'm just going to go
00:00
ahead and show you how to pair it.
00:00
Once you have the name and address put
00:00
in, click on "Save".
00:00
This will bring you back to the administration tab.
00:00
Once you do, click on "Manage" next to Scan Engines,
00:00
and then go and locate the engine that you just put in.
00:00
The status should be unknown.
00:00
Click on the "Refresh" button across from that.
00:00
You'll get an error message saying,
00:00
"Cannot refresh scan engine.
00:00
Unauthorized console connection from
00:00
the IP address of your console."
00:00
At this point, a request has been
00:00
made from the console to the engine.
00:00
You'll see the status is now pending authorization.
00:00
Next, you'll need to pull up the CLI on the engine.
00:00
If you're currently on a system other than the engine,
00:00
you'll need to either use SSH
00:00
or RDP to remotely login to it.
00:00
Once you're logged in, you'll need to
00:00
screen into the NeXpose engine.
00:00
You can do so by typing screen -x nexpose.
00:00
Type the command show consoles.
00:00
This will give you a listing
00:00
>> of all the consoles that are
00:00
>> either paired to this engine
00:00
>> or are waiting to be paired.
00:00
>> We can see our engine right here.
00:00
Note the console ID.
00:00
Once you do, type enable
00:00
console and then the console ID number,
00:00
which in this case is one.
00:00
You should receive console successfully enabled.
00:00
Once you do, detach yourself from
00:00
the screen session by holding down Control and
00:00
pressing A and D. You should see detached.
00:00
This is an important step to make sure you don't just
00:00
Control C and kill the process altogether.
00:00
Once you've done this, go back to
00:00
the web UI for the console.
00:00
Click on "Refresh". Your engine
00:00
should now be listed as active.
00:00
Continue this process if you
00:00
have any other engines to add.
00:00
If you have any questions, like always,
00:00
just click on the support link
00:00
in the upper right-hand corner.