【Summary】
Notus is a new Vulnerability scanner provided in the Greenbone vulnerability management. It applies strictly to Linux distributions. This is considered a big milestone for performance reasons as stated by the CIO Elmar Geese.
Notus is addressing issues to do with performance and version checks.
【Performance Boost】
The reason behind the performance boost has to do with JSON. This Senior software developer "Bjorn Ricks", explains that previously, separate processes per version check had to be created. This meant manually creating a script for each version check. Having to generate these scripts was consuming on resources behind the scanner. What makes Notus different, is it loads only the data which it needs from the JSON files. Therefore it is significantly less overhead, memory and processes intensive.
【The 2 parts of Notus】
The Notus implementation consists of several parts. Firstly, the generator, which creates information about vulnerable RPM/Dev packages in JSON files. Secondly, the Notus scanner which loads these JSON files and parses them for information.
【How does it work?】
Well the Notus scanner actually requires no additional input from the user. It performs a scan after every regular scan eliminating the need for user interaction. The Notus scanner relies on SSH login and SNMP OID = OID: 1.3.6.1.4.1.25623.1.0.50282.
Notus replaces the (NASL) Nessus Attack Scripting Language with regards to local security checks (LSC's) For each LSC there is a comparison process of installed software compared to the list of vulnerable software, as opposed to running the VT scripts on a separate process for every LSC. The now legacy OpenVas scanner loads each NASL LSC in a separate process and executes on a individual bases on every single host.
The information regarding known vulnerable software is collected in a single list and the software version collected during the scan are compares to it.
【Compatibility】
---Amazon Linux Local Security Checks
---Oracle Linux Local Security Checks
---EulerOS Local Security Checks
---SuSE Local Security Checks
---Mageia Linux Local Security Checks
---Slackware Local Security Checks
---Rocky Linux Local Security Checks
【Requirements】
Python 3.7 and later is supported.
notus-scanner uses poetry for its own dependency management and build process.
-----------------------------------------------------------------------------------------------------------------------
Setup instructions
-----------------------------------------------------------------------------------------------------------------------
⭕️Step 1: install poetry via pip
⭕️Step 2: python3 -m pip install --user poetry
⭕️Step 3: run poetry install (in the checkout directory of notus-scanner (the directory containing the pyproject.toml file)
✅BASH install
curl -sSL raw.githubuser... | python -
✅Powershell install
(Invoke-WebRequest -Uri raw.githubuser... -UseBasicParsing).Content | python -
✅You only need to install Poetry once. It will automatically pick up the current Python version and use it to create virtualenvs accordingly.
✅The installer installs the poetry tool to Poetry’s bin directory. On Unix it is located at $HOME/.poetry/bin and on Windows at %USERPROFILE%\.poetry\bin.
✅This directory will be automatically added to your $PATH environment variable, by appending a statement to your $HOME/.profile configuration (or equivalent files). If you do not feel comfortable with this, please pass the --no-modify-path flag to the installer and manually add the Poetry’s bin directory to your path.
⭕️Step 4: Finally, open a new shell and type the following:
poetry --version
💯 If it displays your version, it is smooth sailing from here.
#OpenVAS #greenbone #vulnerabilities #cybersecurity #opensource #linux #gnu #Notus #python #poetry
🎓Reference:
www.greenbone....
www.greenbone....
www.greenbone....
github.com/gre...
Music:- ASHUTOSH - Chile
Watch:- • ASHUTOSH - Chile
www.ashutoshmu...
15 сен 2024
