Rumble 2.8: Synchronize your VMware inventory, import Censys scan data, and run RFC 1918 scans faster

November 2, 2021, by

Thao Doan

What’s new with Rumble 2.8?

Integration improvements

Scan, search, and self-hosted improvements

User experience improvements

Integration improvements

Synchronize your VMware virtual machine inventory

Rumble Enterprise users can now synchronize their VMware vCenter and ESXi virtual machine inventories with Rumble. Integrating with VMware allows you to track virtual machines, enrich assets with virtual hardware and guest operating attributes, in addition to networking details. VMware discovery is implemented through the scanner; get started by adding your VMware credentials and selecting them in your scan.

VMware integration

Import external scan data from Censys

Rumble Enterprise now integrates with the Censys platform, supporting the Censys Search API (paid and free tiers) and Censys data files. This integration allows you to import scan data from Censys to enrich your inventory with additional details and context for external-facing assets.

There are a couple of ways to leverage the Censys integration:

  • You can specify a Censys search query and pull all matching assets from Censys into Rumble.
  • You can take all the external IP addresses from an organization in Rumble, query them in Censys, and overlay the information on your Rumble inventory.

To set up the integration, you will need to add Censys Search API credentials and set up a connector in Rumble. Rumble will connect to the Censys Search API to pull in and add the asset data to your inventory. The Censys API integration can also be used from the command-line scanner.

In addition, subscribers to Censys data can now use the Rumble scanner to extract specific network ranges from Censys Avro data files. Host information can be written to Rumble scan data files for later upload, or automatically uploaded to a specific site.

Scan, search, and self-hosted improvements

Discover all RFC 1918 networks–faster and easier

Identify all private assets connected to your private RFC 1918 networks with Rumble, faster, and easier than ever. The new Full RFC 1918 Discovery preset lets you run an RFC 1918 internal scan with just one click. For Rumble Enterprise and Professional users, running the RFC 1918 scan will help you identify undocumented IP spaces and close gaps discovered in the RFC 1918 Coverage Report. The preset has default scan settings optimized for speed, but can be customized to tune the scan rate, ports, and scope based on your environment.

RFC 1918 quick mode

Customize scan schedules with more options

Running scans routinely helps ensure that your asset inventory is always up-to-date. To help you stay on top of your scans, Rumble 2.8 introduces the ability to fully customize scan times based on the frequency you have selected. There is a new scan frequency option called Nth weekday of month that lets you schedule scans for specific days of the month, like the first Monday of the month. You can also run scans on specific days of the week, like only on Mondays and Wednesdays.

Scan schedule frequency

Configure multiple SNMP v3 credentials per scan

You can now configure multiple SNMP v3 credentials per scan. To get started, add an SNMP v3 credential to your account. When you create a scan, you can choose what credentials to use from the Credentials tab. You can also add SNMP v2 community string credentials to your account to use in scans. SNMP v2 and v3 credentials can be constrained to specific subnets and organizations.

Download diagnostic logs for tasks

You can download diagnostic logs to troubleshoot issues that may occur with your scan, import, and connector tasks. Diagnostic logs are available for completed and failed tasks and viewable from the task details page.

Task log

Supported TLS version enumeration

Rumble 2.8 helps you shine a light on older versions of TLS/SSL that are still supported by an asset. Good cyber hygiene means taking care of any assets still supporting SSLv2 or v3 as soon as possible. Remember Heartbleed?

To identify assets that support older versions, there are two new service attributes you can look at:

  • tls.supportedVersionNames - Shows the version names supported by an asset service (e.g., SSLv2).
  • tls.supportedVersions - Shows the versions supported by an asset service (e.g. 0x0200).

We’ve also added a prebuilt query to our library to help you quickly identify assets that support SSL v2 or SSL v3.

Supported TLS enumeration

Rumble also shows the default TLS version an endpoint negotiates. You can look at the tls.version and tls.versionName (and all other tls.* attributes for an asset service) for more information around this TLS version.

Self-host Rumble on more operating systems

You can self-host Rumble now on Debian Linux 9, 10, and 11 and Oracle Linux 7.x and 8.x x86_64.

User experience improvements

Manage third-party credentials globally

You might have noticed, but we’ve added quite a few integrations recently. While we added third-party credential management in Rumble 2.4, it wasn’t the easiest to find (it was in your account settings). We wanted to make it easier for you to configure and manage your credentials, so we added a new Credentials menu under your Global Settings. It’ll take you directly to all of your credentials. Happy integrating!

Global credential management

Easily see recurring and scheduled task details

The Tasks page now shows cards for recurring and scheduled tasks, making it easier to view details on a task-level. Each card displays the schedule type, site, explorer, and source, as well as the run details. The card view will help you quickly check the status of upcoming tasks, as well as see when they are running next. Cards also have modify, copy, and remove actions available for the task.

Task card

Build your search query with an editor

The Search bar has a new look and feel that matches the other updated areas of the UI. There is a new Edit query button that opens a new, resizable multi-line editor for your query input. Use this editor when you have long queries, and you want to see the query in its entirety. The save, copy query link, and reset buttons have been moved next to the Search bar.

Search editor

Release notes

This release includes a rollup of all the 2.7.x updates. Read the changelog to see all the improvements and updates in this release.

Get started with Rumble

Want to take Rumble for a spin? Sign up for a free trial to try out these capabilities free for 21 days.

Similar Content

October 5, 2021

Rumble 2.7: New dashboard, multi-subscription Azure, AWS ELBs, Splunk add-on improvements, and faster discovery for Rumble Professional

What’s new with Rumble 2.7? User experience improvements Get insights, trends, and visualizations from your dashboard Easily navigate configuration pages for scans, imports, connections, and more Know when your connector credentials are invalid Integration …

Read More

September 30, 2021

Fingerprinting Windows build numbers

Our goal at Rumble is to help customers identify everything on their networks, quickly, and without authentication. This process is driven by research, which often leads to dead ends, but sometimes we learn interesting things along the way. This post explores recent research …

Read More

September 8, 2021

Rumble 2.6: Integrate with Microsoft Azure Cloud, identify EOL assets, self-host in offline mode, and detect more protocols

What’s new with Rumble 2.6? Synchronize your Azure VM inventory with Rumble Identify assets running end-of-life OS versions Support for NFS, PPTP, and “r” services Updates to the CrowdStrike integration Install and update self-hosted Rumble in offline mode See new …

Read More