How to Install and Use Vuls Vulnerability Scanner on Ubuntu 24.04
Vuls is an open-source vulnerability scanner written in Go that automates security vulnerability analysis. This guide will help you install and configure Vuls on Ubuntu 24.04.
Prerequisites
- Ubuntu 24.04 server
- Root or sudo privileges
- Minimum 2GB RAM
- Internet connection
Step 1: Update System
sudo apt update
sudo apt upgrade -yStep 2: Install Required Dependencies
sudo apt install -y golang sqlite3 git gcc make wgetStep 3: Configure Go Environment
echo 'export GOPATH=$HOME/go' >> ~/.bashrc
echo 'export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin' >> ~/.bashrc
source ~/.bashrcStep 4: Install Go
wget https://go.dev/dl/go1.21.6.linux-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.21.6.linux-amd64.tar.gz
rm go1.21.6.linux-amd64.tar.gzVerify Go installation:
go versionStep 5: Install Vuls
mkdir -p $GOPATH/src/github.com/future-architect
cd $GOPATH/src/github.com/future-architect
git clone https://github.com/future-architect/vuls.git
cd vuls
make installStep 6: Install go-cve-dictionary
mkdir -p $GOPATH/src/github.com/vulsio
cd $GOPATH/src/github.com/vulsio
git clone https://github.com/vulsio/go-cve-dictionary.git
cd go-cve-dictionary
make installStep 7: Install goval-dictionary
cd $GOPATH/src/github.com/vulsio
git clone https://github.com/vulsio/goval-dictionary.git
cd goval-dictionary
make installStep 8: Install gost
cd $GOPATH/src/github.com/vulsio
git clone https://github.com/vulsio/gost.git
cd gost
make installStep 9: Create Working Directory
sudo mkdir /var/lib/vuls
sudo chown -R $USER /var/lib/vuls
cd /var/lib/vulsStep 10: Fetch Vulnerability Databases
Fetch NVD data:
go-cve-dictionary fetch nvdFetch OVAL data:
goval-dictionary fetch ubuntu 20 22 24Fetch GOST data:
gost fetch debianStep 11: Configure Vuls
Create configuration file:
sudo mkdir /etc/vuls
sudo nano /etc/vuls/config.tomlAdd this basic configuration:
[cveDict]
type = "sqlite3"
path = "/var/lib/vuls/cve.sqlite3"
[ovalDict]
type = "sqlite3"
path = "/var/lib/vuls/oval.sqlite3"
[gost]
type = "sqlite3"
path = "/var/lib/vuls/gost.sqlite3"
[servers]
[servers.localhost]
host = "localhost"
port = "local"Step 12: Configure Scan Target
sudo vuls configtest
sudo vuls scanStep 13: Generate Reports
sudo vuls report -format-json
sudo vuls report -format-textTroubleshooting
Database Issues
# Check database files
ls -l /var/lib/vuls/*.sqlite3
# Verify permissions
sudo chown -R $USER:$USER /var/lib/vuls/Scan Issues
# Debug scan
sudo vuls scan -debug
# Check scan logs
sudo journalctl -xeBest Practices
Scheduling Regular Scans
Create a cron job for regular scanning:
sudo nano /etc/cron.d/vulsAdd this schedule:
0 0 * * * root cd /var/lib/vuls && vuls scan && vuls report -format-json -to-emailUpdate Vulnerability Databases
Create update script:
#!/bin/bash
# update-vuls-db.sh
cd /var/lib/vuls
go-cve-dictionary fetch nvd
goval-dictionary fetch ubuntu 20 22 24
gost fetch debianSecurity Considerations
- Regularly update vulnerability databases
- Secure access to Vuls reports
- Monitor system resources during scans
- Backup configuration and databases
Advanced Configuration
Email Notifications
Add to config.toml:
[email]
smtp_addr = "smtp.example.com"
smtp_port = "587"
from = "[email protected]"
to = ["[email protected]"]
cc = ["[email protected]"]Custom Scan Policies
Add to config.toml:
[servers.localhost]
host = "localhost"
port = "local"
enabled_dnspkgs = true
enabled_hardening = trueMaintenance
Database Maintenance
# Cleanup old data
find /var/lib/vuls -name "*.sqlite3-journal" -delete
# Backup databases
tar -czf vuls-backup-$(date +%Y%m%d).tar.gz /var/lib/vuls/*.sqlite3Log Rotation
sudo nano /etc/logrotate.d/vuls/var/log/vuls/*.log {
weekly
rotate 4
compress
delaycompress
missingok
notifempty
}Conclusion
Your Vuls installation is now complete and configured. Remember to:
- Regularly update vulnerability databases
- Schedule periodic scans
- Monitor scan reports
- Keep the system updated
- Backup configuration and databases