Metasploit mailing list archives
Re: neXpose
From: Bob Bruen <bruen () coldrain net>
Date: Wed, 23 Dec 2009 12:47:41 -0500 (EST)
Hi HD,It appeared to me (from the outside) that the page was changed from the time I first used it, to starting to send the email, then to my second attempt (which appeared not work, but in fact did). Thus my second email.
I did get alerts when fields were empty. I filled the fields one at a time to see which were required. I am not using NoScript or equivalent.
My guess is that this is new process for them (free stuff) and it's a bit rough. I do not mind that the email had a key delivered via email that I had to enter - although real free stuff shouldn't require a key (unimportant personal opinion only).
I am installing neXpose now and as promised, it is taking a while (35 minutes), due the db set up. The next startup took almost 8 minutes. The install dialogue is nice and straight forward. They are not kidding about a dedicated server and lots of memory.
There is an issue with certificates when you first log on, but Firefox helps getting it settled.
I'll test it on my internal network later - I have no plans for any commercial use.
Just a suggestion, but there is no need to stress over this. Although, you have some expertise in making things run smoothly and quickly, which rapid7 could benefit by :)
--bob
On Wed, 23 Dec 2009, HD Moore wrote:
On 12/23/2009 9:40 AM, Bob Bruen wrote:The neXpose download does not work even after you enter in all your marketing info. I am trying it again, it behaves differently now, required fields are not labled, but now you must enter in everthing.I'll ask the folks who maintain it to double check field validation - it should be displaying an alert() when fields are missing. Are you using a plugin like NoScript?And when you finish, you do not get access to the software, you get a promise that some sales droid will get in touch in two days to "help" you get through the process.Download requests are approved in batches every ~10 minutes or so - the process is a little klunky since we don't have in-product registration yet. As soon as it is possible to obtain a license from within the product, we can avoid the web/email based activation process and smooth out the download process. Thank for giving NeXpose a shot - the latest version now supports full PDF/HTML reporting, which makes it immediately useful for auditing small networks. As far as I know, NeXpose Community edition is the only enterprise-ready vulnerability management solution available free-of-charge for commercial purposes. -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
-- Dr. Robert Bruen Knujon http://knujon.com http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Metasploit Framework 3.3.3 Released! HD Moore (Dec 22)
- Re: Metasploit Framework 3.3.3 Released! HD Moore (Dec 22)
- Re: Metasploit Framework 3.3.3 Released! Bob Bruen (Dec 23)
- Re: Metasploit Framework 3.3.3 Released! HD Moore (Dec 23)
- Re: neXpose Bob Bruen (Dec 23)
- Re: Metasploit Framework 3.3.3 Released! HD Moore (Dec 23)
- neXpose Bob Bruen (Dec 23)
- neXpose url Eddie Akemu (Dec 28)
- Re: neXpose url HD Moore (Dec 28)
- neXpose url Eddie Akemu (Dec 28)