The following example should work on Fedora based Linux distributions, which include: CentOS, RedHat, Amazon Linux etc (tested on CentOS and Red Hat 7).
Vulsctl was created to ease setup. Each shell script is a wrapper around Docker commands.
$ sudo systemctl start docker
$ git clone https://github.com/vulsio/vulsctl.git $ cd vulsctl
Fetch Vulnerability Databases
This will take some time ...
Config, Scan, Report
Prepare the config.toml in the vulsctl install directory similar to the configuration below.
[servers] [servers.hostos] host = "220.127.116.11" port = "22" user = "centos" # keypath in the Vuls docker container keyPath = "/root/.ssh/id_rsa"
The scan.sh will mount $HOME/.ssh from the host operating system into the Docker container, however you will need to SSH into the target server beforehand which will add your fingerprint to $HOME/.ssh/known_hosts.
$ ssh [email protected] -i ~/.ssh/id_rsa.pem $ ./scan.sh $ ./report.sh $ ./tui.sh
For details, see
vuls on the host
You can deploy
vuls on your host easily while using the install-host.sh script.
$ sudo bash install-host.sh
The support for RHEL and CentOS 6.x / 7.x is in pull requests.
$ ./vulsrepo.sh $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 39c8830dbeac ishidaco/vulsrepo "vulsrepo-server" 3 seconds ago Up 1 second 0.0.0.0:5111->5111/tcp focused_wu
Vulsrepo is running on http://host-ip:5111 .