Vulners agent¶

Vulners agent for Linux is an open source solution, which provides vulnerability assessment for Linux-based systems. The agent performs scans with minimum execution commands and, as a result, achieves extremely fast scanning speed. You will need the Python 3 to install the agent.

The agent gathers information about your operating system, its version, and any installed packages and patches. This information is then sent to Vulners API to find out which software is vulnerable. You can check how it works in manual mode to evaluate the results.

Vulners Audit IP Summary

Installation Instructions¶

For RHEL-based Linux:¶

Configure the Vulners Repository

Create file /etc/yum.repos.d/vulners.repo

RHEL 6:

[vulners]
name=Vulners Agent
baseurl=https://repo.vulners.com/redhat/el6/
enabled=1
gpgcheck=1
gpgkey=https://repo.vulners.com/pubkey.txt

RHEL 7:

For RHEL 7, use the same steps but replace the base URL with https://repo.vulners.com/redhat/el7/

For Debian-based Linux:¶

Adding the Public Key

First, add vulners.com pubkey:

wget -O- https://repo.vulners.com/pubkey.txt | apt-key add -

Configure the Vulners List

Create the Vulners list file at /etc/apt/sources.list.d/vulners.list:

deb http://repo.vulners.com/debian focal main

Install packet:¶

RHEL¶

yum install vulners-agent

Debian¶

Update your package list with apt-get update and then install using apt-get install vulners-agent.

Source code (NOT recommended)¶

For advanced users, cloning the source code and running scans via Python is possible. Ensure to use a virtual environment and follow these steps:

Install dependencies with pip3 install -r vulners-agent/requirements.txt.
Configure the agent as outlined below.
Execute the agent with python3 vulners-agent/application --app Scanner.

Configuration¶

To configure the agent, generate your API key, resembling:

RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK

Insert this key into the /etc/vulners/vulners_agent.conf file as shown.

Example of the config file:

[DEFAULT]
api_key = YOUR_API_KEY_HERE

A single API key can be used across all your agents for convenience.

Advanced configuration¶

Modify /etc/vulners/vulners_agent.conf for custom settings, including specific identification parameters:.

[DEFAULT]
api_key = YOUR_API_KEY_HERE

[Ticker]
ip_address = 10.0.0.1
fqdn = my.host.example.com
mac_address = 00:01:02:03:04:06

Execution¶

On its first run, the agent registers itself using the provided API key and performs a system scan. Initiate a scan with:

vulners-agent --app Scanner

View the agent's status and scan results in your personal account's Audit section