According to the NHTSA, over 1/3rd of all auto-related accidents happen within one mile of home. Many drivers reported a ‘switching off' syndrome that kicked in while driving on familiar roads. As we get closer to the place we feel most comfortable, it's easy to adopt a casual posture towards things we take for granted. At home, one of the things we take most for granted is our technology. Whether you rely on wireless, connect directly or both – for many, network security is a close to home accident waiting to happen.
A 2011 report published by Cisco found that over 12.5 billion devices were accessing the Internet during the 2010 calendar year. Following trend data since the beginning of the 2000s, we can estimate an increase in connectivity over the next two years that brings the global number connected devices to 25 billion; Following that trend, we arrive at an average number of connected devices per person at just under 3.5. With such a plethora of connected devices comes the increased risk and likelihood of data being improperly protected or stolen. One of the best ways to protect your privacy and data is through identifying and mitigating vulnerabilities in your home network.
Fortunately, I happen to know about an impressive product that can do just the trick. Nexpose virtually automates the vulnerability identification process and provides step-by-step remediation instructions on how to eliminate these security risks from your home network. Although network devices will retain a level of vulnerability simply by being connected to the Internet, using Nexpose at home – or as an evaluatory tool for your small business – will help you stay on the cutting edge of vulnerability management and network security.
In this three part series, I would like to walk you through the process of getting Nexpose installed, configured and running on your home network. We'll walk through the process of setting up a VM (virtual machine) and installing the software. Next, we'll configure the product to scan and detect the devices connected to your network, which will help give you an idea of what you want to scan (yep - even things like printers, etc). From there, we'll run a scan and generate a report using one of Nexpose's pre-configured audit reports. After looking at your report, it's simply a matter of thoughtfully mediating the risks identified on your systems and in your network. We can even set up a recurring vulnerability scan to run on a monthly basis, then email you the generated report!
But first, lets get Nexpose installed on an Ubuntu virtual machine. These instructions assume a passing familiarity with Linux and VirtualBox (or Player). Here's what you'll need:
- Virtualization Host software (Oracle VirtualBox or VMWare Player)
- Ubuntu (Nexpose is officially supported in LTS releases 8.04 and 10.04. I have personally successfully tested on 12.04, which simplifies installation of the libstdc 5 package. Official support coming soon!)
- At least 20GB (preferably 80GB ) of hard drive space
- At least 4GB of available RAM (for 32-bit distribution)
Set Up Virtual Machine
Once you have downloaded the .iso file for Ubuntu, create a new VM using VirtualBox or Player. For this article, we'll use the 32-bit (i386) version of both Ubuntu and Nexpose. We recommend 4GB available RAM allocated for the VM and at least 20GB of available hard disk space for the install and PostgreSQL database used for scan data. I prefer to install the optional VirtualBox Guest Additions for a larger viewing area, but that's up to you.
Once Ubuntu has completed installation, we'll need to download the appropriate release version of Nexpose. Note that in new installs of Ubuntu 10.04, you will need to install at least two additional packages for Nexpose to install correctly. You can use apt-get for the 'screen' package, and you can download the libstdc 5 package from the Debian package repository. For this install, we're looking for the 32-bit Linux edition. Once downloaded, open a session in the Terminal. Follow the commands below (or look in the screenshot):
Change directory to the directory you saved the Nexpose install file to. In my case, I used the default Downloads folder.
andrew@nexpose-home:-$ cd Downloads
andrew@nexpose-home:~/Downloads$ ls (to list files within the directory)
andrew@nexpose-home:~/Downloads$ chmod x NeXposeSetup-Linux32.bin (to make the .bin executable)
andrew@nexpose-home:~/Downloads$ sudo -s (elevate to root, keeping current session available)
root@nexpose-home:~/Downloads# sh NeXposeSetup-Linux32.bin (runs the installer as root, which is required for install)
Once the Nexpose installer launches, follow the on-screen directions until you are notified the installation is complete. Take note to install the Security Console with local Scan Engine. This provides full functionality for our purposes as a home network scanner. Also, note the default destination directory: /opt/rapid7/nexpose
The installer will complete, and you should now be able to launch the Nexpose console by opening your browser and navigating to: https://localhost:3780
You will be prompted to input the credentials you specified during the installation to log in.
If you run into problems during the install process, feel free to leave a comment below or reference the Nexpose Installation Guide.
Next week, we will run a Discovery Scan of our network, use that data to construct our first Vulnerability Scans and use THAT data as source material for Nexposes' built-in remediation reports.