This project allows developers to set up a local Nexpose Security Console for testing JupiterOne's Rapid7 InsightVM integration.
Existing code from this github repository was used as a guide to developing a docker-based console.
The docker container hosting a local Rapid7 Security Console instance can be started by running the following in a terminal:
yarn start:consoleOnce started, the console can be accessed from https://localhost:3780, the
default port of the Rapid7 Nexpose Security Console. The console can be accessed
with the default username/password nxadmin and nxpassword.
NOTE: The local console uses a self-signed TLS Certificate, and some users
may need to work around browser security checkpoints in order to access the
console. e.g. Chrome users should type thisisunsafe in their browser to
continue
The Rapid7 Security Console needs to be licensed for use. This project's developer docs describe the process for obtaining a one-time-use License Key.
After using the License Key to access the console in your running container,
developers must save the generated License File in order to re-use their
license when freshly starting this container. They can save the Rapid7 .lic
license file to this project's console/work directory, which will cause the
license file to be auto-installed any time the container is restarted.
> docker cp rapid7-vm-console-container:/opt/rapid7/nexpose/nsc/licenses/$(docker exec rapid7-vm-console-container sh -c "cd /opt/rapid7/nexpose/nsc/licenses/ && ls *.lic") console/workNow, with the license file copied into the container's work directory, the
license will be auto-installed when a new container is launched.
The console container can be stopped by running
yarn stop:console