GitHub - ownhrd/vulners-scanner: Скрипт поиска уязвимых пакетов на *nix хостах / Script for searching vulnerable packages on *nix hosts

RUS

Скрипт поиска уязвимых пакетов на *nix хостах (Ubuntu 14.04/16.04, CentOS 6/7, Debian 8). Берет список установленных пакетов по ssh и выполняет проверку. Так же отправляет метрики в Zabbix.

Установка:

Скопировать скрипты в /root/vulners-scanner
Создать директорию с ключами mkdir /root/vulners-scanner/vulners-key
Сгенерировать ключ ssh-keygen

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/vulners-scanner/vulners-key/vulners_key
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/vulners-scanner/vulners-key/vulners_key.
Your public key has been saved in /root/vulners-scanner/vulners-key/vulners_key.pub.
The key fingerprint is:
SHA256:PREggK5EdKt6/y/nfZwYtg1M35HAL/vry+mBanHWMY4 [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|.. o... ....     |
| .o .  .   .o    |
|.. .      .  o . |
| .o      .... *  |
|.o      Soo. B + |
|o         *.E.+  |
|. .      . @.o.  |
| . .  . ..+.=..o |
|    ...=o.o. oBo |
+----[SHA256]-----+

chmod 600 /root/vulners-scanner/vulners-key/vulners_key*
Добавить 2 задания в /etc/cron.d:

check_vulners

# start check vulners daily at 8am
55 7 * * * root bash /root/vulners-scanner/get_vulners_db.sh &> /var/log/get_vulners_db_debug
00 8 * * * root bash /root/vulners-scanner/sendmail.sh &> /var/log/vulners_debug

check_vulners_hourly

# start check vulners hourly
0 * * * * root bash /root/vulners-scanner/get_vulners_db.sh &> /var/log/get_vulners_db_debug
0 * * * * root python /root/vulners-scanner/vulners_over_ssh_scanner.py &> /var/log/zbx_vulners_debug

Импортировать Template_App_Vulners_Trap.xml в Zabbix
Список проверяемых хостов: hosts
Установить необходимые модули для Python yum install python-paramiko epel-release python-pip && pip install py-zabbix executor
Добавление пользователя для сканирования:

useradd vulners-scanner
mkdir -p -m 700 /home/vulners-scanner/.ssh
echo "ssh-rsa XXX" >> /home/vulners-scanner/.ssh/authorized_keys
chown -R vulners-scanner:vulners-scanner /home/vulners-scanner/
chmod 600 /home/vulners-scanner/.ssh/authorized_keys
echo "vulners-scanner:password" | chpasswd

ENG

Script for searching for vulnerable packages on *nix hosts (Ubuntu 14.04/16.04, CentOS 6/7, Debian 8). Get a list of installed packages on ssh and performs a check. The same sends metrics to Zabbix.

Installation:

Copy scripts in /root/vulners-scanner
Create directory with keys mkdir /root/vulners-scanner/vulners-key
Generate key ssh-keygen

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/vulners-scanner/vulners-key/vulners_key
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/vulners-scanner/vulners-key/vulners_key.
Your public key has been saved in /root/vulners-scanner/vulners-key/vulners_key.pub.
The key fingerprint is:
SHA256:PREggK5EdKt6/y/nfZwYtg1M35HAL/vry+mBanHWMY4 [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|.. o... ....     |
| .o .  .   .o    |
|.. .      .  o . |
| .o      .... *  |
|.o      Soo. B + |
|o         *.E.+  |
|. .      . @.o.  |
| . .  . ..+.=..o |
|    ...=o.o. oBo |
+----[SHA256]-----+

chmod 600 /root/vulners-scanner/vulners-key/vulners_key*
Add 2 tasks in /etc/cron.d:

check_vulners

# start check vulners daily at 8am
55 7 * * * root bash /root/vulners-scanner/get_vulners_db.sh &> /var/log/get_vulners_db_debug
00 8 * * * root bash /root/vulners-scanner/sendmail.sh &> /var/log/vulners_debug

check_vulners_hourly

# start check vulners hourly
0 * * * * root bash /root/vulners-scanner/get_vulners_db.sh &> /var/log/get_vulners_db_debug
0 * * * * root python /root/vulners-scanner/vulners_over_ssh_scanner.py &> /var/log/zbx_vulners_debug

Import template Template_App_Vulners_Trap.xml в Zabbix
List of hosts to check: hosts
Install the necessary modules for Python yum install python-paramiko epel-release python-pip && pip install py-zabbix executor
Add user for scan:

useradd vulners-scanner
mkdir -p -m 700 /home/vulners-scanner/.ssh
echo "ssh-rsa XXX" >> /home/vulners-scanner/.ssh/authorized_keys
chown -R vulners-scanner:vulners-scanner /home/vulners-scanner/
chmod 600 /home/vulners-scanner/.ssh/authorized_keys
echo "vulners-scanner:password" | chpasswd

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
Template_App_Vulners_Trap.xml		Template_App_Vulners_Trap.xml
get_vulners_db.sh		get_vulners_db.sh
hosts		hosts
sendmail.sh		sendmail.sh
vulners_over_ssh_scanner.py		vulners_over_ssh_scanner.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

RUS

Скрипт поиска уязвимых пакетов на *nix хостах (Ubuntu 14.04/16.04, CentOS 6/7, Debian 8). Берет список установленных пакетов по ssh и выполняет проверку. Так же отправляет метрики в Zabbix.

ENG

Script for searching for vulnerable packages on *nix hosts (Ubuntu 14.04/16.04, CentOS 6/7, Debian 8). Get a list of installed packages on ssh and performs a check. The same sends metrics to Zabbix.

About

Releases

Packages

Languages

License

ownhrd/vulners-scanner

Folders and files

Latest commit

History

Repository files navigation

RUS

Скрипт поиска уязвимых пакетов на *nix хостах (Ubuntu 14.04/16.04, CentOS 6/7, Debian 8). Берет список установленных пакетов по ssh и выполняет проверку. Так же отправляет метрики в Zabbix.

ENG

Script for searching for vulnerable packages on *nix hosts (Ubuntu 14.04/16.04, CentOS 6/7, Debian 8). Get a list of installed packages on ssh and performs a check. The same sends metrics to Zabbix.

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages