https://linuxsecurity.expert/security-t ... y-scanners or just a selection?
Or add ones that the article omits?
I want to create one Module that turns Port into a vulnerability, security and network scanner.
brokenman replied to this post (in a different thread)
The issue, due to RL I currently not have that much free time. I tried getting as much as I can just via usm but the result is quite... tiny.
I want to add chkrootkit and rkhunter. (In the past I always tended more towards the later, but I also thought that it updates only on rare occasions. )
I only today found out about ISPProtect. Does anyone know how good that is? Sadly (see below) it is one of the many programs usm does not find.
These are the not found via usm:
Code: Select all
Nothing found for ISPProtect
Nothing found for: arch-audit
Nothing found for: Archery
Nothing found for: BDA
Nothing found for: CMSmap
Nothing found for: Dagda
Nothing found for: flunym0us
Nothing found for: Intrigue
Nothing found for: JexBoss
Nothing found for: Prowler
Nothing found for: Safety
Nothing found for: salt-scanner
Nothing found for: Tulpar
Nothing found for: vane
Nothing found for: VScan
Nothing found for: Vuls
Nothing found for: vulscan
Nothing found for: w3af
Nothing found for: Wapiti
Nothing found for: Whitewidow
Nothing found for: Yasuo
This would help a lot when you have to check a dozen packages if usm gives a recent version, or an outdated one...
Also most probably nil found:
Code: Select all
root@porteus:/5/Porteus_modules/vulnerability-scanners# usm -g Bash Scanner
find: `/tmp/xdg-runtime-guest/gvfs': Permission denied
The following items were found.
Choose an number to confirm.
ctrl+c to quit
1) bash-4.3.046-x86_64-1.txz 4) bashish-2.2.4-x86_64-1_slonly.txz
2) bash-completion-2.2-noarch-3.txz 5) bashrun-0.16.1-noarch-1_slonly.txz
3) bashdb-4.4_0.92-noarch-1_slonly.txz 6) bashrun2-0.2.2-x86_64-3_slonly.txz
Unsure with nmap, have not used it in ages:And
Code: Select all
nmap
1) nmap-7.12-x86_64-1.txz
#? 1
Processing: nmap-7.12-x86_64-1.txz
Ignored libraries:
Libraries required: 8
Libraries found in system: 7
Libraries to resolve: 1
Processing library: libnl.so.1
Processing: libnl-1.1.4-x86_64-1.txz
Ignored libraries:
Libraries required: 2
Libraries found in system: 2
Libraries to resolve: 0
Which library and why. But with nmap I presume someone else might already made a recent module with only the bare minimum of libraries. (Hopefully)
Code: Select all
1) openvas-cli-1.4.5-x86_64-1_slonly.txz
2) openvas-libraries-8.0.9-x86_64-1_slonly.txz
3) openvas-manager-6.0.11-x86_64-1_slonly.txz
4) openvas-scanner-5.0.8-x86_64-1_slonly.txz
So, what I do have looks just like so:
Code: Select all
-rw-r--r-- 1 root 311296 2018-12-16 21:00 chkrootkit-0.52-x86_64-1_slonly.xzm
-rw-r--r-- 1 root 541564 2013-07-30 23:15 libnl-1.1.4-x86_64-1.txz
-rw-r--r-- 1 root 237568 2018-12-16 21:08 lynis-2.6.6-x86_64-1_slonly.xzm
-rw-r--r-- 1 root 5634244 2016-04-09 06:02 nmap-7.12-x86_64-1.txz
-rw-r--r-- 1 root 7385088 2018-12-16 21:09 nmap-7.12-x86_64-bundle.xzm
-rw-r--r-- 1 root 410788 2012-09-04 19:58 pygobject-2.28.6-x86_64-2.txz
-rw-r--r-- 1 root 249856 2018-12-16 21:01 rkhunter-1.4.6-x86_64-1_slonly.xzm
Conclusion
From the long list in the above linked article, with the 3 added ones, I only have managed to get these via usm:
chkrootkit-0.52-x86_64-1_slonly.xzm
lynis-2.6.6-x86_64-1_slonly.xzm
nmap-7.12-x86_64-bundle.xzm
rkhunter-1.4.6-x86_64-1_slonly.xzm
As I already said, I most probably will not have much free time the next weeks and months due to RL... so unless someone jumps in to help with this project it will be either dead or dormant for a time.