Vulners agent¶
Vulners agent for Linux is an open source solution, which provides vulnerability assessment for Linux-based systems. The agent performs scans with minimum execution commands and, as a result, achieves extremely fast scanning speed. You will need the Python 3 to install the agent.
The agent gathers information about your operating system, its version, and any installed packages and patches. This information is then sent to Vulners API to find out which software is vulnerable. You can check how it works in manual mode to evaluate the results.
Installation Instructions¶
For RHEL-based Linux:¶
Configure the Vulners Repository
Create file /etc/yum.repos.d/vulners.repo
RHEL 6:
[vulners]
name=Vulners Agent
baseurl=https://repo.vulners.com/redhat/el6/
enabled=1
gpgcheck=1
gpgkey=https://repo.vulners.com/pubkey.txt
RHEL 7:
For RHEL 7, use the same steps but replace the base URL with https://repo.vulners.com/redhat/el7/
For Debian-based Linux:¶
Adding the Public Key
First, add vulners.com pubkey:
wget -O- https://repo.vulners.com/pubkey.txt | apt-key add -
Configure the Vulners List
Create the Vulners list file at /etc/apt/sources.list.d/vulners.list
:
deb http://repo.vulners.com/debian focal main
Install packet:¶
RHEL¶
yum install vulners-agent
Debian¶
Update your package list with apt-get update
and then install using apt-get install vulners-agent
.
Source code (NOT recommended)¶
For advanced users, cloning the source code and running scans via Python is possible. Ensure to use a virtual environment and follow these steps:
- Install dependencies with
pip3 install -r vulners-agent/requirements.txt
. - Configure the agent as outlined below.
- Execute the agent with
python3 vulners-agent/application --app Scanner
.
Configuration¶
To configure the agent, generate your API key, resembling:
RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
Insert this key into the /etc/vulners/vulners_agent.conf
file as shown.
Example of the config file:
[DEFAULT]
api_key = YOUR_API_KEY_HERE
Advanced configuration¶
Modify /etc/vulners/vulners_agent.conf
for custom settings, including specific identification parameters:.
[DEFAULT]
api_key = YOUR_API_KEY_HERE
[Ticker]
ip_address = 10.0.0.1
fqdn = my.host.example.com
mac_address = 00:01:02:03:04:06
Execution¶
On its first run, the agent registers itself using the provided API key and performs a system scan. Initiate a scan with:
vulners-agent --app Scanner
View the agent's status and scan results in your personal account's Audit section