Improve setup/docker
This commit is contained in:
kota kanbe
@@ -1,21 +1,8 @@
|
||||
# Vuls on Docker
|
||||
|
||||
## Table of Contens
|
||||
|
||||
- [What's Vuls-On-Docker?](#whats-vuls-on-docker)
|
||||
- [Server Setup](#setting-up-your-machine)
|
||||
- Install Docker
|
||||
- Instal Docker Compose
|
||||
- [Start A Vuls Container](#start-a-vuls-container)
|
||||
- [Vuls Setup](#setting-up-vuls)
|
||||
- Locate a appropriate ssh-key
|
||||
- Edit toml
|
||||
- [Scan servers with Vuls-On-Docker](#scan-servers-with-vuls-on-docker)
|
||||
- [See the results in a browser](#see-the-results-in-a-browser)
|
||||
|
||||
## What's Vuls-On-Docker
|
||||
|
||||
- This is a dockernized-Vuls with DockerRepo UI in it.
|
||||
- This is a dockernized-Vuls with vulsrepo UI in it.
|
||||
- It's designed to reduce the cost of installation and the dependencies that vuls requires.
|
||||
- You can run install and run Vuls on your machine with only a few commands.
|
||||
- The result can be viewed with a browser
|
||||
@@ -30,27 +17,29 @@
|
||||
$ docker version
|
||||
$ docker-compose version
|
||||
```
|
||||
|
||||
4. Create a working directory for Vuls
|
||||
|
||||
|
||||
4. git clone vuls
|
||||
```
|
||||
mkdir work
|
||||
cd work
|
||||
git clone https://github.com/hikachan/vuls.git
|
||||
cd vuls/docker
|
||||
git clone https://github.com/future-architect/vuls.git
|
||||
cd vuls/setup/docker
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## Start A Vuls Container
|
||||
|
||||
- Execute the following command to build and run a Vuls Container
|
||||
|
||||
``
|
||||
docker-compose up -d
|
||||
``
|
||||
```
|
||||
$ cd $GOPATH/src/github.com/future-architect/vuls/docker
|
||||
$ docker-compose up -d
|
||||
```
|
||||
|
||||
## Setting up Vuls
|
||||
|
||||
1. Locate ssh-keys of servers in (vuls/docker/conf/id_rsa)
|
||||
1. Locate ssh-keys of targer servers in (vuls/docker/conf/)
|
||||
2. Create and ajust config.toml(vuls/docker/conf/config.toml) to your environment
|
||||
|
||||
```
|
||||
@@ -60,7 +49,13 @@
|
||||
host = "172.31.4.82"
|
||||
user = "ec2-user"
|
||||
keyPath = "conf/id_rsa"
|
||||
containers = ["container_name_a", "4aa37a8b63b9"]
|
||||
```
|
||||
|
||||
## Fetch Vulnerability database
|
||||
|
||||
- Fetch Vulnerability database from NVD
|
||||
```
|
||||
$ docker exec -t vuls scripts/fetch_nvd_all.sh
|
||||
```
|
||||
|
||||
## Scan servers with Vuls-On-Docker
|
||||
@@ -68,8 +63,8 @@
|
||||
- Use the embedded script to scan servers for vulsrepo(or run whatever with docker exec)
|
||||
|
||||
```
|
||||
docker exec -t vuls vuls prepare -config=conf/config.toml
|
||||
docker exec -t vuls scripts/scan_for_vulsrepo.sh
|
||||
$ docker exec -t vuls vuls prepare -config=conf/config.toml
|
||||
$ docker exec -t vuls scripts/scan_for_vulsrepo.sh
|
||||
```
|
||||
|
||||
## See the results in a browser
|
||||
@@ -77,3 +72,17 @@
|
||||
```
|
||||
http://${Vuls_Host}/vulsrepo/
|
||||
```
|
||||
|
||||
# Update modules
|
||||
|
||||
- update vuls, go-cve-dictionary, vulsrepo
|
||||
```
|
||||
$ docker exec -t vuls scripts/update_modules.sh
|
||||
```
|
||||
|
||||
# Update Vulnerability database
|
||||
|
||||
- Fetch Vulnerability database from NVD
|
||||
```
|
||||
$ docker exec -t vuls scripts/fetch_nvd_last2y.sh
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user