(Document) Vulnerabilities Scanner Vuls
Vuls is a scanner for security flaws (vulnerabilities) that relies on existing vulnerability dictionaries.
Install it as follows:
root@local:/usr/local/www/webapp/application # pkg search vuls
vuls-0.4.2.2 Agentless vulnerability scanner
root@local:/usr/local/www/webapp/application # pkg inst vuls
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
pkg: py34-gobject3 has a missing dependency: py34-cairo
The following 2 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
vuls: 0.4.2.2
go-cve-dictionary: 0.1.1.1
Number of packages to be installed: 2
The process will require 28 MiB more space.
8 MiB to be downloaded.
Proceed with this action? [y/N]: y
[1/2] Fetching vuls-0.4.2.2.txz: 100% 4 MiB 925.3kB/s 00:05
[2/2] Fetching go-cve-dictionary-0.1.1.1.txz: 100% 3 MiB 837.8kB/s 00:04
Checking integrity... done (0 conflicting)
[1/2] Installing go-cve-dictionary-0.1.1.1...
===> Creating groups.
Creating group 'vuls' with gid '888'.
===> Creating users
Creating user 'vuls' with uid '888'.
[1/2] Extracting go-cve-dictionary-0.1.1.1: 100%
[2/2] Installing vuls-0.4.2.2...
[2/2] Extracting vuls-0.4.2.2: 100%
Message from go-cve-dictionary-0.1.1.1:
===============================================================================
Congratulations, you have installed go-cve-dictionary!
go-cve-dictionary does not ship any CVE database.
To download CVEs from 2002 until present run:
for i in `seq 2002 $(date +"%Y")`;
do go-cve-dictionary fetchnvd -years $i;
done
After download, set the permissions of the CVE databases:
chown vuls:vuls /var/db/vuls/* /var/log/vuls/*
To enable go-cve-dictionary and start:
sysrc go_cve_dictionary_enable="YES"
service go-cve-dictionary start
===============================================================================
Message from vuls-0.4.2.2:
===============================================================================
Vuls requires the cve.sqlite3 database provided by go-cve-dictionary
===============================================================================
root@local:/usr/local/www/webapp/application #
As the output indicates, configure go-cve-dictionary:
bash
for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done
Create the config.toml file in $HOME with the following content:
[servers]
[servers.localhost]
host = "localhost"
port = "local"
Set the permissions:
chown vuls:vuls /var/db/vuls/* /var/log/vuls/*
Start the service at system boot:
sysrc go_cve_dictionary_enable="YES"
service go-cve-dictionary start
To use it:
vuls scan
vuls report
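A pre-flight check for the steps above, written as an added example that is not part of the original page or of the Vuls project. The function name vuls_preflight is hypothetical, the location of cve.sqlite3 directly under /var/db/vuls is an assumption, and the world-writable test is an extra check beyond the chown step.

```shell
#!/bin/sh
# Added example (not from the original page): checks to run before `vuls scan`.
# Assumption: cve.sqlite3 sits directly in the database directory.

# vuls_preflight [DB_DIR] [CONFIG] [OWNER] [GROUP]
# Prints one line per problem; the return status is the number of problems.
vuls_preflight() {
    pf_db=${1:-/var/db/vuls}
    pf_cfg=${2:-$HOME/config.toml}
    pf_owner=${3:-vuls}
    pf_group=${4:-vuls}
    pf_n=0

    if [ ! -d "$pf_db" ]; then
        echo "no database directory: $pf_db"
        pf_n=$((pf_n + 1))
    else
        # Vuls requires the cve.sqlite3 database built by go-cve-dictionary.
        if [ ! -s "$pf_db/cve.sqlite3" ]; then
            echo "missing or empty: $pf_db/cve.sqlite3 (run the fetchnvd loop)"
            pf_n=$((pf_n + 1))
        fi
        # The chown step should leave every entry owned by vuls:vuls.
        if ! pf_bad=$(find "$pf_db" -mindepth 1 -maxdepth 1 \
                \( ! -user "$pf_owner" -o ! -group "$pf_group" \) -print) \
                || [ -n "$pf_bad" ]; then
            echo "ownership is not $pf_owner:$pf_group (or unchecked): $pf_bad"
            pf_n=$((pf_n + 1))
        fi
        # A world-writable database lets any local user alter scan results.
        pf_bad=$(find "$pf_db" -mindepth 1 -maxdepth 1 \
            ! -type l -perm -002 -print)
        if [ -n "$pf_bad" ]; then
            echo "world-writable: $pf_bad"
            pf_n=$((pf_n + 1))
        fi
    fi

    # config.toml must define at least one [servers.<name>] target.
    if ! grep -q '^[[:space:]]*\[servers\.' "$pf_cfg" 2>/dev/null; then
        echo "no [servers.<name>] entry in $pf_cfg"
        pf_n=$((pf_n + 1))
    fi
    return "$pf_n"
}
```

Run it as `vuls_preflight && vuls scan` so that a scan only starts when every check passes.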
Additional databases:
This document was published on 2019-02-21 09:15:07. (Last updated: 2019-04-24 13:16:05.)