Self-Isolation, Home Networking, and Open Source: Recog and Rumble

Last updated at Thu, 16 Apr 2020 15:45:28 GMT

Hey, gang. You know I'm a big open source fan and occasional contributor, so I just wanted to take a moment on the blog here to muse, hope, and wish that this new era of self-isolation among all the hackers, developers, and network engineers of the world might afford a unique opportunity to contribute some code to a worthy open source project we run here at Rapid7: Recog and its free network fingerprinting database.

You thought I was going to say Metasploit, didn't you? Nope, that's the twist. While Metasploit is great and I love it, Recog is, right now, my favorite middle child of Rapid7's open source projects. Recog powers a lot of the remote, unauthenticated fingerprinting functionality in a few different security and networking tools: Metasploit itself, InsightVM, and, notably, Rumble from Critical Research Corporation.

You might already know this, but CRC was founded by former Rapid7 tech support code janitor and Metasploit creator, HD Moore, and Rumble is his latest labor of love. While Nmap is super good at discovering and identifying individual network services, Rumble is good at discovering and identifying things—everything from regular desktop computers down to weirdo oddball IoT devices. And Rumble is good at that in part due to the extensive fingerprint database used by Recog. That's where you come in.

See, a lot of us are working at home, and I would be willing to bet that a significant fraction of us out there aren't 100% aware of what's actually running on our own home networks. After all, many people have families and roommates who might be tossing stuff on our networks all willy-nilly, or associated some piece of IoT kit to our main Wi-Fi network and promptly forgot about it. Rumble and Recog can help you identify those devices—and in the very likely case that you run into something that you recognize, but Recog doesn't, you can help out by whipping up a signature and submitting it back to the Recog repo.

To make this easier, I chatted with HD and asked if he'd be willing to offer some free licenses to make this kind of crowd-sourced discovery and enumeration easier for folks like you and me, and, as you might guess from where this sentence is going, he agreed!

So, if you're an open source developer type, hop on GitHub and snag the latest development branch of Recog, then zip over to https://console.rumble.run/register to snag a 21-day free trial license to see what's kicking on your network. After that, you have my permission to blow off your next three Zoom meetings to knock out a few new signatures, comforted in the knowledge that you're contributing back to a delightful 2-clause BSD open source project that powers some of the most practical network fingerprinting around. At the very least, you'll find that your network's population is exactly what you thought it was, and you can tell your remote CISO that all is cool in your new workspace.