zoukankan      html  css  js  c++  java
  • CentOS下安装cvechecker并进行主机基线安全检查

    一、cvechecker的安装

    1、首先下载cvechecker并解压该文件:

    1 cd /home/username
    2 mkdir cve
    3 wget https://raw.githubusercontent.com/wiki/sjvermeu/cvechecker/releases/cvechecker-3.8.tar.gz
    4 tar zxvf cvechecker-308.tar.gz

    2、然后进行安装步骤:

    1 cd cvechecker-3.8
    2 ./configure -prefix=/home/username/cve/ enable-sqlite3
    3 #这边使用mysql也可以,但是我的centos安装mysq出现各种问题。

    3、一把会出现缺少那些依赖包,没有安装一类的问题,记得一定要源码安装,然后把*.pc文件拷贝到两个目录下,距离,我缺少sqlite3:

    1 #下载链接就不提供了,很好早
    2 cd sqlite-320000
    3 ./configure
    4 make
    5 makeinstall
    6 cp ./sqlite3.pc /usr/local/lib/pkgconfig/
    7 cp ./splite3.pc /usr/lib64/pkgconfig/

    4、然后重新回到cvechecker的目录下进行编译安装:

    1 ./configure --prefix=/home/username/cve enable-sqlite3
    2 make
    3 make install

    二、修改配置文件启动并下载多年的nvdcve漏洞xml文件进行解析入库

    1、修改配置文件:

    (1)cvechecker.conf文件复制到/etc下

    1 cp ./conf/cvechecker.conf  /etc

    (2)修改改配置文件:

     1 #
     2 # Generic settings
     3 # 
     4 
     5 dbtype = "sqlite";
     6 #dbtype="mysql";
     7 cvecache = "/home/username/cvechecker/var/cvechecker/cache";
     8 datadir = "/home/username/cvechecker/share/cvechecker";
     9 stringcmd = "/usr/bin/strings -n 3 '@file@'";
    10 version_url = "https://raw.github.com/sjvermeu/cvechecker/master/versions.dat";
    11 #userkey = "********";
    12 
    13 #
    14 # For Sqlite3
    15 #
    16 sqlite3: {
    17   localdb = "/home/username/cvechecker/var/cvechecker/local";
    18   globaldb = "/home/username/cvechecker/var/cvechecker/global.db";
    19 };
    20 
    21 # 
    22 # For MySQL
    23 # 
    24 mysql: {
    25   dbname = "********";
    26   dbuser = "********";
    27   dbpass = "********";
    28   dbhost = "********";
    29 };

    2、然后启动

    1 #切换到对应的bin目录下
    2 ./cvechecker -i 

    3、下载对应的xml文件:

     传进Linux解析:

    1 #解析入库:
    2 xsltproc /home/username/cvechecker/share/cvechecker/nvdcve2simple.xsl ./*.xml >> cve.csv

    然后执行:

    1 #将cve拷贝bin目录下
    2 ./home/username/cvechecker/bin/cvechecker -c ./cve.csv
    3 #然后执行
    4 ./pullcves pull
    5 #把之前上传的XML文件拷贝到../var/cvechecker/cache/下
    6 #再次执行
    7 ./pullcves pull
    8 #然后查看配置文件对应的数据库路径和global.db的路径是否一致

    未完待续。。。

  • 相关阅读:
    HDU 1058 Humble Numbers
    HDU 1421 搬寝室
    HDU 1176 免费馅饼
    七种排序算法的实现和总结
    算法纲要
    UVa401 回文词
    UVa 10361 Automatic Poetry
    UVa 537 Artificial Intelligence?
    UVa 409 Excuses, Excuses!
    UVa 10878 Decode the tape
  • 原文地址:https://www.cnblogs.com/KevinGeorge/p/7889989.html
Copyright © 2011-2022 走看看