Updated connector for pulling Rapid7 vulnerability information into the Sourcefire Host Map. Tested with Sourcefire version 5.2. This is an update from the V1.5 version.
The Rapid7_connector.pl running on Windows (Nexpose server) fails to connect to the Defense Center. Error: SFPkcs12: Unable to get certificate. I put the pkcs12 file in the same location as the script. I also imported it into the certificate store but I still can’t get the connector to send information to Defense Center. Any help would be appreciated.
Did this ever get resolved?
Has there been any updates to the script? This script doesn't seem to work with Nexpose 6 and throws out java errors.
I've seen Java errors in 2 instance (both are easily fixable):
6. Create a user in Nexpose with access to the asset group(s) or site(s) you would like to integrate into SourceFire.
7. A YAML configuration file must be provided with information to make the connection with the Nexpose scanner. A template for this file is provided as part of the Rapid7 Connector package located in 'InputPlugins/Nexpose.yaml'. For more information on the contents of the YAML package please see the "YAML File Description" section below.
8. Edit the /InputPlugins/Nexpose.yaml file to include the userid, password, and IP address of the Nexpose Security Console.
9. Also necessary in the YAML file is a site_id or asset_id of the assets you wish to transfer. This can be obtained by browsing to the site or asset group in the Console and looking at the query string in the browsers address bar. You can choose an asset group comprised of multiple sites, if more than one site is desired.