Posts

Showing posts from November, 2015

OpenVAS Security and Vulnerability Scanner on RHEL/CentOS 6.5

We have chosen OpenVAS(Open Vulnerability Assessment System), originally a german open source product, to scan our network environment consists of thousands of servers, both VM and physical running Linux and Windows.

OpenVAS is backed by German Federal Office for Information Security (BSI) and DFN-CERT (German Research Network) contributes their advisories to the OpenVAS Security Feed.

OpenVAS originally was a fork of Nessus and now an efficient alternate to Tenable proprietary Nessus with a free of charge daily updated feed of Network Vulnerability Tests (NVTs).

Components Openvas vulnerability scanner suit consist of 3 major components:

openvasmd    : OpenVAS Manager running on port 9390
openvassd      : OpenVAS Scanner running on port 9391
gsad               : Greenbone Security Assistant acting as Web UI running on port 9392 

How to Install I've installed the OpenVAS version 7 on top of RHEL 6.5. Following explains how I did it: 
1. Add the Atomicorp Repository:
# wget -q -O - ht…

Puppet accidentally overwrite a config file? Solution: Puppet Filebucket!

If you have accidentally overwritten one or more config files of the servers by puppet, it's scary!

But thankfully there is a solution for it, "Puppet Filebucket"

Puppet Filebucket is actually a stand-alone filebucket client for backup and restore files to a local or central filebucket.

In the default Red Hat Enterprise Linux 6.5 installation, it keeps the bucket database locally on the agent in the clientbucket directory:

# ll /var/lib/puppet/clientbucket/
total 64
drwxrwx--- 17 root root 4096 Oct 27 15:28 0
drwxrwx--- 18 root root 4096 Oct 27 15:28 1
drwxrwx--- 17 root root 4096 Oct 27 15:28 2
drwxrwx--- 18 root root 4096 Oct 27 15:28 3
drwxrwx--- 17 root root 4096 Oct 27 15:28 4
drwxrwx--- 18 root root 4096 Oct 27 15:28 5
drwxrwx--- 18 root root 4096 Oct 27 15:28 6
drwxrwx--- 18 root root 4096 Oct 27 15:28 7
drwxrwx--- 18 root root 4096 Oct 27 15:28 8
drwxrwx--- 18 root root 4096 Oct 27 15:28 9
drwxrwx--- 18 root root 4096 Oct 27 15:28 a
drwxrwx--- 17 root root 4096 Oct 27 15:28 b
dr…