Vulners Agent¶
Vulners Agent is open source agent, which provides vulnerability assessment for linux-based systems. Agent solution perfoms scanning with minimum commands for execution and as a result achieve extremely fast scan. Agent is developed with Python and uses OS environment variables to detect used Python version.
Agent gathers information about operating system, it's version and installed packages. These information is sent to vulners.com API and results can be viewed via audit result
Agent installation¶
Configure repository for rhel-based linux:¶
Create file /etc/yum.repos.d/vulners.repo
For rhel6:
[vulners]
name=Vulners Agent
baseurl=https://repo.vulners.com/redhat/el6/
enabled=1
gpgcheck=1
gpgkey=https://repo.vulners.com/pubkey.txt
For rhel7:
[vulners]
name=Vulners Agent
baseurl=https://repo.vulners.com/redhat/el7/
enabled=1
gpgcheck=1
gpgkey=https://repo.vulners.com/pubkey.txt
Configure repository for debian-based linux:¶
First add vulners.com pubkey:
wget -O- https://repo.vulners.com/pubkey.txt | apt-key add -
After this create file /etc/apt/sources.list.d/vulners.list
deb http://repo.vulners.com/debian focal main
Install packet:¶
RHEL¶
yum install vulners-agent
Debian¶
apt-get update && apt-get install vulners-agent
Source code (We don't recommend this way)¶
You could clone source code of package and perform scans using python.
According best practices you should use virtual environment
* install requirements.txt with pip3 install -r vulners-agent/requirements.txt
* configure agent as described below
* run python3 vulners-agent/application --app Scanner
Agent configuration¶
Now you should get api-key for agent registration. Log in to vulners.com and go to userinfo space. Here you should choose "API Key" section. Generate new key with 'scan' scope and copy it. An api-key looks like this: RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
It's time to write generated key into agent configuration. You can find agent configuration in file /etc/vulners/vulners_agent.conf
Here is example of config file:
[DEFAULT]
api_key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
Agent execution¶
During first run agent will be automatically registered with configured api_key
To perform your system scan run vulners-agent --app Scanner
.
After this you may look at agent status and scanning results at https://vulners.com/audit
Advanced configuration¶
Using /etc/vulners/vulners_agent.conf you can override part of the identification parameters.
[DEFAULT]
api_key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
[Ticker]
ip_address = 10.0.0.1
fqdn = my.host.example.com
mac_address = 00:01:02:03:04:06