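Summary: This Fengge tutorial draws on the official Linux, Red Hat Enterprise Linux, Ansible Automation Platform, Docker, Kubernetes and Podman documentation, and describes in detail how to configure and use the relevant technologies.
Fengge's note:
This document describes in detail how to use Linux security scanning tools.
Part01-Nmap Scanning
1.1 Basic Nmap Scanning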
$ sudo dnf install -y nmap
# TCP scan
$ nmap 192.168.1.100
Starting Nmap 7.92 ( https://nmap.org )
Nmap scan report for 192.168.1.100
Host is up (0.0010s latency).
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
# UDP scan
$ sudo nmap -sU 192.168.1.100
# Full port scan
$ nmap -p- 192.168.1.100
# Service version detection
$ nmap -sV 192.168.1.100
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.7
80/tcp open http nginx 1.20.1
443/tcp open ssl nginx 1.20.1
# OS detection
$ sudo nmap -O 192.168.1.100
# Vulnerability scan
$ nmap --script vuln 192.168.1.100
# Scan scripts
$ nmap --script auth 192.168.1.100
$ nmap --script brute 192.168.1.100
$ nmap --script discovery 192.168.1.100
# Scan multiple hosts
$ nmap 192.168.1.0/24
# Save scan results
$ nmap -oN scan-result.txt 192.168.1.100
$ nmap -oX scan-result.xml 192.168.1.100
$ nmap -oA scan-result 192.168.1.100
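Part02-OpenVAS Scanning
2.1 Configuring OpenVAS
$ sudo dnf install -y openvas
# Initialize OpenVAS
$ sudo gvm-setup
# Start OpenVAS
$ sudo gvm-start
# Access the web interface
https://localhost:9392
# Create a scan task
1. Log in to OpenVAS
2. Create a scan configuration
3. Create a target host
4. Create a scan task
5. Start the scan
# Scan from the command line (a password given as an argument is visible in the process list and shell history)
$ sudo gvm-cli --gmp-username admin --gmp-password password socket < scan.xml
# View scan results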
$ sudo gvm-cli --gmp-username admin --gmp-password password socket --xml "
# Update the vulnerability feeds
$ sudo greenbone-nvt-sync
$ sudo greenbone-scapdata-sync
$ sudo greenbone-certdata-sync
Part03-Lynis Audit
3.1 Auditing with Lynis
$ sudo dnf install -y lynis
# Run a system audit
$ sudo lynis audit system
# View the audit report
$ sudo cat /var/log/lynis-report.dat
# Audit specific items (by category or by test group)
$ sudo lynis audit system --tests-from-category security
$ sudo lynis audit system --tests-from-group kernel
# List the available tests
$ sudo lynis show categories
$ sudo lynis show groups
$ sudo lynis show tests
# Configure Lynis
$ sudo tee /etc/lynis/custom.prf << 'EOF'
quick=yes
quiet=yes
show-report-only=yes
EOF
# Create an audit script
$ sudo tee /usr/local/bin/system-audit.sh << 'EOF'
#!/bin/bash
REPORT_DIR="/var/log/lynis"
mkdir -p "$REPORT_DIR"
DATE=$(date +%Y%m%d)
REPORT_FILE="$REPORT_DIR/audit-$DATE.txt"
echo "Running Lynis system audit..."
sudo lynis audit system --quiet > "$REPORT_FILE"
echo "Audit completed. Report saved to $REPORT_FILE"
# Send the report
mail -s "System Audit Report $DATE" admin@fgedu.net.cn < "$REPORT_FILE"
EOF
$ sudo chmod +x /usr/local/bin/system-audit.sh
Part04-Vulnerability Scanning Script
4.1 Automated Scanning Script
$ sudo tee /usr/local/bin/vulnerability-scan.sh << 'EOF'
#!/bin/bash
REPORT_DIR="/var/log/vuln-scan"
mkdir -p "$REPORT_DIR"
DATE=$(date +%Y%m%d)
TARGET=$1
if [ -z "$TARGET" ]; then
    echo "Usage: $0 <target>"
    exit 1
fi
echo "Starting vulnerability scan for $TARGET"
# Nmap scan
echo "Running Nmap scan..."
nmap -sV -oA "$REPORT_DIR/nmap-$DATE" "$TARGET"
# Vulnerability scan
echo "Running vulnerability scan..."
nmap --script vuln -oA "$REPORT_DIR/vuln-$DATE" "$TARGET"
# Service scan
echo "Running service scan..."
nmap -sV --script="vulners" -oA "$REPORT_DIR/service-$DATE" "$TARGET"
# Generate the report
echo "Generating report..."
cat > "$REPORT_DIR/report-$DATE.txt" << REPORT
Vulnerability Scan Report
Date: $(date)
Target: $TARGET
=== Open Ports ===
$(grep "open" "$REPORT_DIR/nmap-$DATE.nmap")
=== Vulnerabilities ===
$(grep "VULNERABLE" "$REPORT_DIR/vuln-$DATE.nmap")
=== Services ===
$(grep "SERVICE" "$REPORT_DIR/service-$DATE.nmap")
REPORT
echo "Scan completed. Report saved to $REPORT_DIR/report-$DATE.txt"
# Send the report
mail -s "Vulnerability Scan Report $DATE" admin@fgedu.net.cn < "$REPORT_DIR/report-$DATE.txt"
EOF
$ sudo chmod +x /usr/local/bin/vulnerability-scan.sh
# Schedule regular scans
$ sudo tee /etc/cron.weekly/vuln-scan << 'EOF'
#!/bin/bash
/usr/local/bin/vulnerability-scan.sh 192.168.1.0/24
EOF
$ sudo chmod +x /etc/cron.weekly/vuln-scan
1. Run security scans regularly
2. Use several scanning tools
3. Analyze the scan results
4. Fix vulnerabilities promptly
5. Keep the scan reports
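The weekly job above writes a `nmap-$DATE.gnmap` file alongside the other `-oA` outputs. As one way to analyze the results, the following added example (not part of the original article) compares two such files and lists the ports that are open now but were not open in the earlier scan. The function names and the sample scan lines are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original article): list ports that are open in
# the current scan but were not open in the baseline scan.

# Print "host port/proto service" for every open port in a .gnmap file.
open_ports() {
    awk -F'\t' '/Ports: / {
        split($1, h, " ")                   # $1 is "Host: <addr> (<name>)"
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue
            n = split(substr($i, 8), entry, ", ")
            for (j = 1; j <= n; j++) {
                # entry layout: port/state/proto/owner/service/rpc/version/
                split(entry[j], f, "/")
                if (f[2] == "open")
                    print h[2], f[1] "/" f[3], (f[5] == "" ? "unknown" : f[5])
            }
        }
    }' "$1" | LC_ALL=C sort -u
}

# Print entries present in the current scan ($2) but absent from the
# baseline ($1). A changed service name on a known port is reported too.
new_ports() {
    np_base=$(mktemp)
    np_cur=$(mktemp)
    open_ports "$1" > "$np_base"
    open_ports "$2" > "$np_cur"
    LC_ALL=C comm -13 "$np_base" "$np_cur"
    rm -f "$np_base" "$np_cur"
}

# Constructed sample data: two weekly scans of one host; 3306/tcp is new.
demo() {
    d=$(mktemp -d)
    printf 'Host: 192.168.1.100 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.7/, 80/open/tcp//http//nginx 1.20.1/, 8080/closed/tcp//http-proxy///\n' > "$d/nmap-20240101.gnmap"
    printf 'Host: 192.168.1.100 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.7/, 80/open/tcp//http//nginx 1.20.1/, 3306/open/tcp//mysql///\tIgnored State: closed (997)\n' > "$d/nmap-20240108.gnmap"
    new_ports "$d/nmap-20240101.gnmap" "$d/nmap-20240108.gnmap"
    rm -rf "$d"
}

demo   # prints: 192.168.1.100 3306/tcp mysql
```

In the weekly script, `new_ports` would be called with the previous and the current `nmap-$DATE.gnmap` under `/var/log/vuln-scan`, and its output appended to the mailed report.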
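This article was compiled and published by Fengge Tutorials and is intended for learning and testing only. Please credit the source when reposting: http://www.fgedu.net.cn/10327.html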
