Rumble 2.2: HP iLO Analysis, Virtual Machine Fingerprinting, and VLAN Tracking
Rumble 2.2 is available with improved analysis capabilities for HP iLOs, virtual machine fingerprinting support, automatic VLAN membership tracking through switch enumeration, and much more.
The Rumble scan engine now enumerates detailed information from HP Integrated Lights-Out (iLO) modules and includes a new iLO-specific CSV export that allows enterprise customers to track warranties across the environment.
The inventory now includes detailed information for HP iLOs, including host names, MAC addresses, detailed hardware model information, iLO firmware version, and health status. The HP iLO CSV export includes everything necessary for warranty tracking as well as additional fields including:
- The configured Insight Remote Support server
- The health status of the module
- All active MAC addresses
- Authentication methods
In addition to the inventory, there are also three new asset attribute reports to help you find HP iLOs based on the server model, firmware version, and iLO model. You can use the firmware version report to quickly find outdated iLOs across the organization.
This release includes first-class reporting of virtual machine vendors and virtual hardware fields. A new asset attribute,
virtual, identifies the virtual machine vendor of each asset in your environment. You can use this attribute to query vendor-specific virtual machines, like VMware or VirtualBox. To list all virtual machines, you can use a query like
alive:t AND has:virtual. A new icon in the asset inventory indicates that a system is a virtual machine. Please note that these changes only take affect after your next scan completes.
For a quick breakdown by vendor, you can use the new virtual asset attribute report.
The new VLAN Membership Report breaks down all identified virtual LANs and the number of assets associated with each. Rumble reports VLAN associations for assets connected to a managed switch where SNMP credentials are available.
To help assess gaps, you can query
has:vlan to show all assets with a VLAN, or a query like
not has:vlan, to find assets where switch VLAN data is not available. You can also use a query like
vlan:40 to find all assets associated with a specific VLAN.
The Rumble Query Library helps you find things fast, which is particularly useful when a vulnerability disclosure requires immediate action. Recently, the Qualys research reported 21 new vulnerabilities in the Exim mail server software. Security updates are available, but getting a comprehensive list of affected systems can be tricky. You can use our pre-built query to find all Exim servers in your environment, fast.
This release includes a ton of other changes, including bug fixes, user experience tweaks, and other small udpates. Read the full changelog to see all improvements in Rumble 2.2.
Don’t have access to Rumble yet? Sign up for a free trial to try out these new capabilities.
June 8, 2021
Rumble 2.3: Find all internal subnets–fast
What’s new in Rumble 2.3? As usual, our point release is a roll-up of previous 2.2.x releases, and includes additional updates and features. This release primarily focuses on helping you quickly find all internal subnets with minimal network traffic. Here are the key …Read More
May 4, 2021
How to find Exim mail servers on your network
In their security advisory for 21Nails, the Qualys Research team communicated their discovery of several critical vulnerabilities in Exim mail servers that can be exploited for unauthenticated code execution and root privileges. Recently, maintainers of the Exim mail server …Read More
April 13, 2021
Rumble 2.1: Notification Templates, AWS EC2 Enrichment, and Cisco SNTC Exports
Rumble Network Discovery 2.1 Rumble 2.1 is now live with support for custom notification templates, AWS EC2 scan enrichment, Cisco serial number exports for SNTC, faster exports, more flexible imports, an updated Splunk Addon, and much more! Custom notification emails and …Read More