Vulners Agent is open source agent, which provides vulnerability assessment for linux-based systems. Agent solution perfoms scanning with minimum commands for execution and as a result achieve extremely fast scan. Agent is developed with Python and uses OS environment variables to detect used Python version.
Agent gathers information about operating system, it's version and installed packages. These information is sent to vulners.com API and results can be viewed via audit result
Configure repository for rhel-based linux:¶
Create file /etc/yum.repos.d/vulners.repo
[vulners] name=Vulners Agent baseurl=https://repo.vulners.com/redhat/el6/ enabled=1 gpgcheck=1 gpgkey=https://repo.vulners.com/pubkey.txt
[vulners] name=Vulners Agent baseurl=https://repo.vulners.com/redhat/el7/ enabled=1 gpgcheck=1 gpgkey=https://repo.vulners.com/pubkey.txt
Configure repository for debian-based linux:¶
First add vulners.com pubkey:
wget -O- https://repo.vulners.com/pubkey.txt | apt-key add -
After this create file /etc/apt/sources.list.d/vulners.list
deb http://repo.vulners.com/debian focal main
yum install vulners-agent
apt-get update && apt-get install vulners-agent
Source code (We don't recommend this way)¶
You could clone source code of package and perform scans using python.
According best practices you should use virtual environment
* install requirements.txt with
pip3 install -r vulners-agent/requirements.txt
* configure agent as described below
python3 vulners-agent/application --app Scanner
Now you should get api-key for agent registration. Log in to vulners.com and go to userinfo space. Here you should choose "API Key" section. Generate new key with 'scan' scope and copy it. An api-key looks like this: RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
It's time to write generated key into agent configuration. You can find agent configuration in file /etc/vulners/vulners_agent.conf
Here is example of config file:
[DEFAULT] api_key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
During first run agent will be automatically registered with configured api_key
To perform your system scan run
vulners-agent --app Scanner.
After this you may look at agent status and scanning results at https://vulners.com/audit
Using /etc/vulners/vulners_agent.conf you can override part of the identification parameters.
[DEFAULT] api_key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK [Ticker] ip_address = 10.0.0.1 fqdn = my.host.example.com mac_address = 00:01:02:03:04:06