Vuls Vulnerability Scanner: Best Linux OS Security Scanner

Vuls is a powerful, agentless vulnerability scanner designed to scan multiple operating systems, including Linux distributions, and detect vulnerabilities in real time. It is known for its ability to perform both local and remote scanning with ease, using multiple methods, such as fast and deep scans. By leveraging data from various vulnerability databases, Vuls ensures you can stay ahead of emerging threats by identifying vulnerabilities before they can be exploited.

If you’re looking to set up Vuls on an Ubuntu Server 22.04, this guide will walk you through the installation process and how to use Vuls effectively to secure your systems.

What You’ll Need

Before you start the installation process, ensure you have the following:

• A Linux-based system (we’ll use Ubuntu Server 22.04 for this guide)
• A user account with sudo privileges
• An active internet connection to download necessary dependencies and Vuls packages

Installation Methods for Vuls

There are two methods to install Vuls, and while the first method is slightly more time-consuming, it guarantees you get the latest version of Vuls. The second method is quicker, but the version may not be the most recent one.

1. Method 1: Install the Latest Version (Preferred)

This method provides you with the most up-to-date version of Vuls and is recommended if you need the latest security features.

Step 1: Update and Upgrade Your System
Run the following command to update your system’s package lists and upgrade any outdated packages:

sudo apt-get update && sudo apt-get upgrade -y

Step 2: Install Required Dependencies
To install the necessary dependencies, run:

sudo apt-get install debian-goodies reboot-notifier -y

Step 3: Download the Vuls Installer Script
Download the installation script using wget:

wget https://raw.githubusercontent.com/vulsio/vulsctl/master/install-host/install.sh

Step 4: Make the Script Executable
Next, give the installer script executable permissions:

chmod u+x install.sh

Step 5: Run the Installer
Execute the installer with the following command:

sudo ./install.sh

When prompted, type “y” and press Enter to proceed with the installation. It should take around 2 to 5 minutes to complete.

Step 6: Verify the Installation
After installation is finished, you can verify the installation by running:

vuls help

If successful, you’ll see the Vuls help menu with available commands.

2. Method 2: Install from the Ubuntu Repository (Faster Installation)

If you prefer a quicker installation and don’t mind using a potentially outdated version, you can install Vuls directly from Ubuntu’s package repository.

Step 1: Install Vuls
Run the following command to install Vuls:

sudo apt-get install vuls -y

Once the installation completes, you can proceed with the next steps.

Configuring Vuls

After installing Vuls, you’ll need to configure it properly to start scanning your system. Here’s how you can set it up:

Step 1: Create a Directory for Vuls
Run the following command to create a new directory:

sudo mkdir /opt/vuls

Step 2: Change to the Vuls Directory
Navigate to the directory:

cd /opt/vuls

Step 3: Create the Configuration File
Create the configuration file using nano:

sudo nano config.toml

Step 4: Paste the Configuration Settings
In the config.toml file, paste the following configuration:

[cveDict]
type = "sqlite3"
SQLite3Path = "/opt/vuls/cve.sqlite3"

[ovalDict]
type = "sqlite3"
SQLite3Path = "/opt/vuls/oval.sqlite3"

[gost]
type = "sqlite3"
SQLite3Path = "/opt/vuls/gost.sqlite3"

[metasploit]
type = "sqlite3"
SQLite3Path = "/opt/vuls/go-msfdb.sqlite3"

[servers]

[servers.localhost]
host = "localhost"
port = "local"
scanMode = [ "fast-root" ]

Step 5: Test the Configuration
Run the configuration test:

sudo vuls configtest

If everything is set up correctly, you should see a confirmation message, like:

[INFO] Scannable servers are below…
localhost

Setting Up the CVE Database

Vuls relies on CVE databases to detect vulnerabilities. You will need to fetch the latest CVE data to ensure comprehensive vulnerability scanning.

Run the following commands to fetch data from the relevant sources:

sudo gost fetch debian --dbpath /opt/vuls/gost.sqlite3
sudo go-cve-dictionary fetch nvd --dbpath /opt/vuls/cve.sqlite3
sudo goval-dictionary fetch debian 12 --dbpath /opt/vuls/oval.sqlite3
sudo go-msfdb fetch msfdb --dbpath /opt/vuls/go-msfdb.sqlite3

This process will download the databases for Debian, NVD, OVAL, and Metasploit. These will help Vuls identify vulnerabilities within your system.

Running a Scan with Vuls

Now that everything is set up, it’s time to perform a scan.

Step 1: Run a Local Scan
To scan the local machine, run:

sudo vuls scan localhost

Step 2: View the Scan Results
Once the scan completes, you can view the results using:

sudo vuls tui

This will open a terminal user interface showing any vulnerabilities found.

Vuls is an essential tool for vulnerability management and cybersecurity in Linux environments. By following this guide, you’ll have Vuls installed and configured on your Ubuntu Server 22.04 or any other compatible system. It’s an easy-to-use, agentless vulnerability scanner that helps protect your infrastructure from emerging threats.

By regularly running Vuls scans, keeping your systems updated, and using the best practices outlined, you can ensure your systems remain secure against known vulnerabilities.