Rumble 1.16 Duplicate SSH Keys, Rogue Remote Access Solutions, and Device Serial Numbers/Asset Tags

|
Updated

Rumble v1.16 #

Rumble Network Discovery 1.16 is out, helping you find duplicate SSH keys, monitor for rogue remote access solutions, and collect device serial numbers and asset tags.

Finding Duplicate SSH Host Keys #

Rumble excels at finding outliers on the network, and finding duplicate SSH keys is one application of this. Vulnerability scanners can find a known bad SSH keys but they don't look for duplicate keys. Rumble collects all SSH key MD5 hashes and then pivots over the SSH host key MD5 to find keys that exist more than once.

Read more about finding duplicate SSH host keys

Screenshot of Rumble Automatic Agent to Site Assignment

Monitoring for Remote Access Solutions #

Remote Desktop Protocol (RDP) is a useful tool when enabled on a machine that's properly managed on the domain (that is if you're properly managing local accounts). However, RDP can also put you at risk if active on a machine that's not in your domain. It's typically tough to find those, but with Rumble you can. Rumble now detects the TeamViewer protocol on your network in addition to the existing coverage for RDP, VNC, SPICE, and PC Anywhere. This rounds off Rumble's broad support for monitoring remote access solutions.

Read more about monitoring for remote access solutions

Screenshot of Rumble Automatic Agent to Site Assignment

Collecting Device Serial Numbers and Asset Tags #

A few weeks ago, one of our customers asked us if we could pull serial numbers out of Cisco devices because this would be very useful for their MSSP business, and it's now included in Rumble. Pulling serial numbers remotely can be very useful to for support questions and to see if a device's warranty has expired and it should be replaced. You must have SNMP credentials (or the v2 community "public") configured for your scans for this query to work.

Read more about collecting serial numbers and asset tags

Screenshot of Rumble Automatic Agent to Site Assignment

Bug Fixes & Improvements #

  • The Inventory Search, Exports, and Reports are now significantly faster for large organizations.
  • The Agents page will now flag any Windows Agents with an obsolete version of Npcap installed.
  • The Dashboard now links to the top 5,000 results for asset types and service details.
  • An issue with Crestron probe has been resolved that could hang concurrent scans.
  • Rumble-provided queries can now be saved as per-account copies and modified.
  • The 169.254.0.0/16 subnet is no longer ignored when processing scan results.
  • The runZero Scanner now supports importing gzip-compressed scan data.
  • The runZero Scanner and Rumble Agent now detect the CheckMK service.
  • Partial site scans now consider ARP cache data from the entire site.
  • VMware ESXi versions are now reported correctly.

Release Notes #

The complete release notes for v1.16.0 can be found in our documentation

If you haven't had a chance to try runZero before, or would like to play with the new features, sign up for a free trial and let us know what you think!

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Taming the Typhoons: How runZero Keeps You Ahead of State-Sponsored Cyber Threats
China's Typhoon cyber attacks are evolving, but runZero helps you stay one step ahead with unmatched visibility and proactive defense.
runZero Insights
Ensure compliance with DORA’s ICT risk framework using runZero
Learn how to uncover unmanaged and unknown assets— including IT, OT, and IoT— to meet DORA's hidden risk requirements using runZero.
Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved