Introduction
Vuls is an open-source vulnerability scanner for Linux systems. It helps identify vulnerabilities by checking installed packages against various databases. In this guide, we will walk you through the installation and usage of Vuls on Ubuntu 24.04.
Prerequisites
- A server running Ubuntu 24.04.
- Root access or a user with
sudoprivileges. - Basic knowledge of the command line.
Step 1: Update the System
Before you begin, ensure that your system is up to date by running the following command:
sudo apt update && sudo apt upgrade -yStep 2: Install Required Dependencies
Install the required dependencies for Vuls:
sudo apt install -y git make gccStep 3: Install Go Programming Language
Vuls is written in Go, so you will need to install it:
sudo apt install -y golangSet up your Go workspace by adding it to your environment variables. Open your profile file:
nano ~/.profileAdd the following lines at the end of the file:
export GOPATH=$HOME/go
export PATH=$PATH:$GOPATH/binSave and exit the editor, then load the new environment variables:
source ~/.profileStep 4: Install Vuls
Clone the Vuls repository from GitHub:
git clone https://github.com/future-architect/vuls.gitNavigate into the Vuls directory:
cd vulsBuild the Vuls binary:
make buildAfter the build is complete, you can install it to your system:
sudo cp ./vuls /usr/local/bin/Step 5: Configure Vuls
Before running Vuls, you need to configure it. Create a sample configuration file:
sudo nano /etc/vuls.tomlAdd the following configuration, adjusting values as necessary:
[[target]]
host = "localhost"
[db]
dbtype = "sqlite3"
Save and exit the editor.
Step 6: Run Vuls
You can run Vuls to check for vulnerabilities with the following command:
sudo vuls scanAfter the scan is complete, you can view the results in the console. For detailed reports, you may want to output the results to a file:
sudo vuls scan --output /path/to/output.jsonStep 7: Use Vuls with Report Formats
The output can be customized to various formats, such as HTML or JSON. For example, to generate an HTML report:
sudo vuls report -format html --output /path/to/report.htmlStep 8: Schedule Regular Scans (Optional)
You can schedule Vuls to run automatically using cron. Open the crontab for editing:
sudo crontab -eAdd a line to run Vuls daily at midnight:
0 0 * * * /usr/local/bin/vuls scan --output /path/to/output.jsonConclusion
You have successfully installed and configured the Vuls Vulnerability Scanner on your Ubuntu 24.04 system. Keep running regular scans to ensure that your system remains secure and up to date.