Virtual Appliance Guide
IMPORTANT
The Virtual Appliance has limited disk space and is only intended for product evaluation purposes.
It is NOT intended for enterprise and production deployments.
- Deploying the Virtual Appliance
- Powering on the Virtual Appliance
- Administering the Virtual Appliance
- Updating the host's operating system
- Logging onto the Security Console
- Frequently Asked Questions
Deploying the Virtual Appliance
Read this section to learn how to deploy the Virtual Appliance in one of the supported environments.
Supported environments
The Virtual Appliance is tested and supported in the following environments:
- VMware Player 6 or later
- VMware Workstation 9 or later
- VMware Fusion 8 or later
- VMware vCenter 5.5, 6.0
- VMware ESXi 5.5, 6.0
Downloading the Virtual Appliance
Rapid7 provides the Virtual Appliance as an Open Virtualization Archive (OVA) file. You can download either a Virtual Appliance Security Console (VA) or the Virtual Appliance Scan Engine (VASE). Download links for both are as follows:
Deploying in VMware Player and VMware Workstation
- In VMware Player and VMware Workstation, click "File" -> "Open".
- In the dropdown list, select the group that includes *.ova.
- Select the Virtual Appliance file, and click "Open".
The "Import Virtual Machine" window will appear.
OPTIONAL
You can rename the Virtual Appliance file name if desired.
- Specify the storage path for the Virtual Appliance.
- Click "Import".
The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file. When the import process is complete, the Virtual Appliance appears on the list of available virtual machines in VMware Player.
- Select the Rapid7 Virtual Appliance, and click "Play" or "Power On this Virtual Machine" if using VMware Workstation.
Deploying in vCenter or VMware ESXi
- In vCenter or VMware ESXi, click File | Deploy OVF Template... The Deploy OVF template window appears.
- Locate the downloaded Virtual Appliance file, and click Next. The OVF Template Details panel appears for configuring Virtual Appliance set- tings.
- Enter a name for the Virtual Appliance.
- Select an inventory location, and click Next.
- Select a host or cluster for the Virtual Appliance, and click Next.
- Select a resource pool, and click Next.
- Select a datastore, and click Next.
- Select Thin or Thick (recommended) Provision for the disk format, and click Next.
- Select a network mapping, and click Next.
- Click Finish.
Powering on the Virtual Appliance
- When the import process is complete, select the Virtual Appliance from the list of available virtual machines.
- Click Power on.
- Click the Console tab to view a terminal window for the Virtual Appliance.
Administering the Virtual Appliance
Log in to the Virtual Appliance after it starts to perform any necessary administrative functions. The operating system for the Virtual Appliance is a CIS hardened, minimal install of Ubuntu Server 16.04 LTS.
When startup is complete, the Virtual Appliance window displays a login prompt. If you are logging in for the first time, you will be asked to change the current UNIX password:
- Enter the default username:
nexpose - Enter the default password:
nexpose
TIP
Your password keystrokes will not appear in the terminal as you type them. Take care that you input the password accurately.
- When prompted, enter the default password again.
- Enter your new password according to the complexity requirements.
Password Complexity Requirements
Passwords must at least 14 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.
- Enter your new password again to confirm the change.
You need the IP address of the Virtual Appliance in order to login to to the Web interface. Run ifconfig -a to view the IP address.
Updating the host's operating system
As a security best practice, make sure to keep your operating system current with the latest updates. To apply an update, take the following steps:
- Access the operating system of your Virtual Appliance using SSH or by opening the a virtual console.
- Run the following command to update all operating system packages to the latest versions:
Note
The unattended-updates package is installed and configured to automatically apply security updates when available. The virtual appliance requires access to us.archive.ubuntu.com and security.ubuntu.com to retrieve updated packages. Unattended update logs can be reviewed in /var/log/unattended-upgrades/unattended-upgrades.log
Logging onto the Security Console
You perform all Security Console operations through a Web-based interface, which supports the browsers listed at https://www.rapid7.com/products/insightvm/system-requirements/.
To log onto the Security Console take the following steps:
- Open a web browser.
- Enter the URL for the Virtual Appliance:
https://<Virtual_Appliance_IP>:3780 - Enter the default username (
nxadmin) and password (nxpassword). - Click the Logon button.
Change Password
Upon first login the Security Console will prompt you to change your password. Enter the default username and password: nxadmin and nxpassword. Enter a new password, and confirm the new password.
If you are a first-time user and have not activated your license, the Security Console displays an activation dialog box. Enter your license key. If you do not have a license key, visit https://www.rapid7.com/products/insightvm/ to start your 30-day free trail.
After you receive the license key, login and enter the license key in the activation window.
Frequently Asked Questions
How do I set up a static IP?
There are two different ways to set up a static IP.
- Option 1 - edit one file only
Open the /etc/network/interfaces file in a text editor with the following command:
Edit the /etc/network/interfaces config with the following code. Note that you do not need to do the /etc/resolvconf/resolv.conf.d/tail section if you add the dns-nameservers to the /etc/network/interfaces conf file.
- Option 2 - Edit two files
Open the /etc/network/interfaces file in a text editor with the following command:
Match the corresponding lines to the following values:
Add the following address, netmask, and gateway lines and specify the values as desired.
NOTE
Values shown here are only examples. ens32 is the default network interface for the OVAs. Run ifconfig to display existing network interfaces to confirm which interface is in use.
How do I set up DNS?
Create the /etc/resolvconf/resolv.conf.d/tail file with the following command:
Add the following lines and specify values according to your configuration requirements:
How do I restart networking?
In order for the static IP and DNS changes to take effect, the existing IP must be flushed with the following command:
To restart the networking service, use the following command:
How do I set the system time?
The virtual appliance comes preinstalled with chrony. To check the current system time, run the chronyc tracking command.
Chrony can be configured by editing the /etc/chrony/chrony.conf file.
Please see https://chrony.tuxfamily.org/faq.html for complete documentation.
To manually sync the time, run the following commands:
To change the timezone, run sudo dpkg-reconfigure tzdata and select the desired timezone.
How do I start, stop, and check the status of the console and engine services?
Console
Engine
What is the OS account lockout policy?
Accounts will get locked out after 5 invalid login attempts. Accounts will get automatically unlocked after 15 minutes.