Activity Guide Copyright© 2022 Rapid7, Inc.

Installing an InsightVM Scan Engine on Linux


Prerequisites
Before beginning this installation, you will need:

● A physical or virtual Linux host that meets the system requirements
(refer to https://www.rapid7.com/products/insightvm/system-requirements/)

Objectives
● In this activity, you will install an InsightVM Scan Engine on a Linux server.

Overview
The steps in this Activity Guide describe the installation process for an InsightVM Scan Engine. The tasks in this guide
walk through the Linux commands to prepare for and execute the Installation Wizard.

At the conclusion of this Activity Guide, your InsightVM Scan Engine will be installed and paired with your Security
Console.

Before you Begin


● Download the InsightVM Installer and Checksum files
(refer to https://docs.rapid7.com/insightvm/download/)
● If the files were not downloaded directly to your target host, move them to the same directory on your target host
using the utility of your choice (for example, WinSCP)
● Ensure that you have root access to your target host
Task 1: Verify Installer File Integrity
Use the downloaded Installer .bin and Checksum file to verify file integrity.

1. In a terminal, either on the local host or over a remote (SSH) connection, ensure that you are logged in as a user with root privileges.

2. Change directories (cd) to the location of the downloaded Installer and Checksum files.

3. Verify the installer file integrity by running the command:
sha512sum -c Rapid7Setup-Linux64.sha512sum

The return message should indicate “Rapid7Setup-Linux64.bin: OK”

If you receive a failure message, download the files again and re-check.

Task 2: Launch the Installer
Prepare the Installer file for execution and execute.

1. Continuing in the same terminal session, make the installer file executable with the command:
chmod +x Rapid7Setup-Linux64.bin

The file name will display in green, indicating that it is executable.

2. Launch the installer with the command:
./Rapid7Setup-Linux64.bin

A message indicates the installer is starting.
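
The gate implied by Tasks 1 and 2, as an added example that is not part of the original guide and is not Rapid7 code: the installer is marked executable only after the SHA-512 check passes and the checksum file is confirmed to name the installer. The function names and the constructed demo files are assumptions for illustration, and the checksum file is assumed to use standard sha512sum "HASH  NAME" lines.

```shell
#!/bin/sh
# Added example (not Rapid7 code): only make the installer executable after
# its SHA-512 checksum verifies. File names are the ones used in this guide.
INSTALLER="Rapid7Setup-Linux64.bin"
CHECKSUM="Rapid7Setup-Linux64.sha512sum"

# verify_and_prepare DIR -> 0 verified (+x set), 1 mismatch, 2 missing file,
# 3 checksum file has no entry for the installer.
verify_and_prepare() {
    dir="${1:-.}"
    [ -f "$dir/$INSTALLER" ] || { echo "missing $INSTALLER" >&2; return 2; }
    [ -f "$dir/$CHECKSUM" ]  || { echo "missing $CHECKSUM" >&2; return 2; }
    # Assumes standard "HASH  NAME" lines. Without an entry for the installer,
    # "sha512sum -c" could print OK for a different file only.
    grep -Eq "^[0-9a-fA-F]{128}[[:space:]]+\*?${INSTALLER}\$" "$dir/$CHECKSUM" \
        || { echo "$CHECKSUM has no entry for $INSTALLER" >&2; return 3; }
    # Subshell keeps the caller's working directory unchanged.
    if ( cd "$dir" && sha512sum -c "$CHECKSUM" ); then
        chmod +x "$dir/$INSTALLER"
        return 0
    fi
    echo "checksum failed: download the files again and re-check" >&2
    chmod a-x "$dir/$INSTALLER"   # never leave an unverified file executable
    return 1
}

# demo_constructed: builds a constructed (fake) installer and checksum in a
# temp dir, checks the good case, then a tampered case. Returns 0 if both
# behave as expected.
demo_constructed() {
    rc=0
    d=$(mktemp -d) || return 2
    printf 'constructed installer bytes\n' > "$d/$INSTALLER"
    ( cd "$d" && sha512sum "$INSTALLER" > "$CHECKSUM" )
    verify_and_prepare "$d" || rc=1               # must verify
    [ -x "$d/$INSTALLER" ] || rc=1                # and now be executable
    printf 'tampered\n' >> "$d/$INSTALLER"
    verify_and_prepare "$d" 2>/dev/null && rc=1   # must now fail
    [ -x "$d/$INSTALLER" ] && rc=1                # and lose its execute bit
    rm -rf "$d"
    return "$rc"
}
```

Source the file and call verify_and_prepare with the download directory, then launch the installer only when it returns 0. A matching checksum shows the download is intact; it does not by itself prove where the files came from, so both files should come from the Rapid7 download page referenced above.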

Task 3: Follow the Installation Wizard
Respond to the prompts and information requested by the Installation Wizard.

1. The Installation Wizard can run either in a graphical (GUI) mode or text-based terminal mode.

A comparison of the Welcome screens is shown below-right.

The remainder of this task will show only the graphical interface, but the prompts and information entered for either GUI or terminal mode will be the same.

Click Next or enter y to continue past the Welcome screen.

2. You are prompted to choose the installation type and destination directory.

Select the Scan Engine only radio button.

For this pass through the installation process, install with Console to Engine communication selected. The Engine to Console selection will be described later in this guide.

Leave the destination directory at its default location unless you wish to install elsewhere.

Click Next to continue.

3. On the Installation Requirements screen, if you are using a proxy host, enter the host and port information.

Generally speaking, minor deviations from requirement recommendations will allow you to continue with installation, but all recommendations should be met for production environments.

Click Next to continue.

4. You have the opportunity to pair the Scan Engine to the Insight Platform during installation. Pairing your Scan Engine to the Insight Platform adds additional functionality, but pairing to the Platform can also be performed as a post-installation task.

If you have an Insight Platform account, you can log on, generate the pairing token for the Engine, and enter it in the token field on this screen.

To skip pairing with the Platform at this time, leave the checkbox unchecked and click Next.

5. On the Account Information screen, enter a user and company name that will be used to generate SSL certificates.

Click Next when you have finished entering the information.

6. On the Confirmation screen, verify your selections.

Click Next to continue.

7. Note that the command to start the Scan Engine service is displayed for you.

At the completion of installation, click Finish.

Configuring Engine-to-Console Communication During Installation
Let’s look briefly at the other option you have for communication between the Scan Engine and Console.

If you choose to configure Engine-to-Console pairing as part of the installation process, these steps replace Step 2 and
add an additional prompt for Console and Shared Secret information after Step 6 in Task 3.

The installation “Type and Destination” screen is the same screen you saw in Step 2 near the beginning of this task. If you select Engine to Console as the Communication Direction, an additional “Console Details” screen will prompt you for pairing information as shown below.

The “Console Details” screen is displayed only when selecting the Engine to Console Communication Direction. This screen will prompt you for pairing information after step 6 of this task.

On this screen, enter the Security Console IP address, Console TCP Port, and Shared Secret (Pairing Key). The Test button can be used to verify communication with the Security Console.

You also have the ability to skip this configuration and perform it as a post-installation task by selecting Skip Scan Engine Pairing. But note that this pairing step is easier to perform in the installation wizard than it is as a post-installation procedure.

Task 4: Add the Scan Engine to the Security Console
Create a new Scan Engine in the Security Console.

1. Log on to the InsightVM Security Console.

To create a new Scan Engine through the Administration page, open the Administration tab. Under the Scan Options section, select Create next to ENGINES.

2. Enter a Name for the engine and the IP Address.

If configuring communication from Console-to-Engine, leave the Port at the default value of 40814.

If configuring communication from Engine-to-Console, the Port value will be 40815.

3. Select Save in the upper-right corner of the page to save your new Scan Engine.

4. To create a new Scan Engine through a Site, select a Site. [You can find Sites in a number of ways – we are showing the Sites list from the Home screen here.]

5. From the Sites page, select Manage Site.

On the Site Configuration page, select the Add Scan Engine tab to enter the Name, IP Address and Port information for the Scan Engine.

Save the configuration.

Task 5: Edit the Scan Engine consoles.xml File
Edit the consoles.xml file on the Scan Engine host to enable the Scan Engine.

1. Locate the consoles.xml file in the Linux path shown here:
/opt/rapid7/nexpose/nse/conf/

Open the file in a text editor. Locate the <console> tag for the console that you are pairing the Scan Engine to (if there is more than one). You can identify the console by the lastAddress IP Address attribute.

2. Change the enabled attribute value from ‘0’ to ‘1’ to enable the Scan Engine.

Save your edit and restart the Scan Engine host for the change to take effect.

Task 6: Refresh the Scan Engine in the Security Console
Log on to the Security Console and refresh your Scan Engine status.

1. Open the Administration page and under Scan Options, select manage for Engines.

2. You can refresh the status of the Scan Engine in the “Refresh” column with the refresh control.

The Communication Status arrow indicates which component initiates scan jobs:
Console → Engine
or
Console ← Engine

Status is indicated by arrow color:
Green: Scan Engine Active
Orange: Unknown (no communication)
Red: Trouble (Not yet enabled, Incompatible Engine/Console version, or Scan Engine offline)

3. You can stop, start, and restart the Scan Engine service on the host server with the following commands:
sudo systemctl stop nexposeengine.service
sudo systemctl start nexposeengine.service
sudo systemctl restart nexposeengine.service

Conclusion
Having completed the tasks in this Activity Guide, you can now:

▪ Install an InsightVM Scan Engine on a Linux server.
