ForwarderExecutableJAR usage
ForwarderExecutableJAR is a runnable JAR file which is used for sending VM information to the VulnerabilityScanner listener. A config file named "ForwarderExecutable.properties" should be included in the same directory as the ForwarderExecutableJAR file.
Java 7 JRE
The JAR file supports a variable number of arguments. The first three arguments must always be:
VM UUID (The UUID of the VM given by the platform)
VM IP (The I.P address of the VM to be scanned)
Email Address (The email address which will receive the generated Vulnerability Report)
Additional arguments given as the 4th and 5th argument are also supported:
Username (The username used to log into the VM)
Password (The password used to log into the VM)
Additionally, if an SSH Key has been set up in the VulnerabilityScanner config file for the platform on which the current VM resides, the password 'useSSHkey' will prompt the VulnerabilityScanner to use the configured SSH Key.
In order to verify the SSH credentials before passing them to the VulnerabilityScanner listener, this JAR will attempt to establish an SSH connection to the given VM I.P using the supplied username/password (if given as arguments). If these credentials fail, then only the first three arguments (VM UUID, VM I.P and email address) will be sent to the VulnerabilityScanner listener.
Inside the ForwarderExecutable.properties file, two properties can be configured.
scannerIP (The I.P to which the VM details will be sent by the ForwarderExecutable)
port (The port which the ForwarderExecutable will send the details to on the scannerIP)
By default, the following ports are configured for each supported platform.
8341 FCO
8342 Openstack
8343 Open Nebula
8344 AWS
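
A pre-flight wrapper for the call described above, checking the properties file and the argument list before the JAR is started. This is an added example, not code from the project; the JAR file name, the function names and the rule that username and password are only accepted as a pair are assumptions.

```shell
#!/bin/sh
# Added example (not project code): pre-flight checks for the forwarder call.
JAR="ForwarderExecutableJAR.jar"        # assumed file name, not given on the page
PROPS="ForwarderExecutable.properties"  # must sit in the same directory as the JAR

# prop KEY FILE: last value of KEY in a simple key=value properties file.
prop() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" | tail -n 1 | tr -d '\r'
}

is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(printf '%s\n' "$1" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

is_port() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,5}$' && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# check_props FILE: both scannerIP and port must be present and well formed.
check_props() {
    [ -r "$1" ] || return 1
    is_ipv4 "$(prop scannerIP "$1")" && is_port "$(prop port "$1")"
}

# check_args UUID IP EMAIL [USERNAME PASSWORD]
# Assumption: username and password come as a pair, so only 3 or 5 arguments pass.
check_args() {
    [ "$#" -eq 3 ] || [ "$#" -eq 5 ] || return 1
    [ -n "$1" ] || return 1                      # UUID format is platform specific
    is_ipv4 "$2" || return 1
    printf '%s\n' "$3" | grep -Eq '^[^@[:space:]]+@[^@[:space:]]+\.[^@[:space:]]+$' || return 1
    [ "$#" -eq 3 ] || [ -n "$4" ]                # a password needs a username
}

# forward ARGS...: run the JAR only when the config and arguments pass.
# A real password in argv is visible in the process list; 'useSSHkey' is not a secret.
forward() {
    dir=$(dirname "$JAR")
    check_props "$dir/$PROPS" || { echo "bad $PROPS" >&2; return 2; }
    check_args "$@" || { echo "bad arguments" >&2; return 2; }
    (cd "$dir" && java -jar "$(basename "$JAR")" "$@")
}

if [ "$#" -gt 0 ]; then forward "$@"; fi
```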
For each cloud supported by this tool, cloud-specific scripts have been written to allow the automatic collection of VM details. The scripts then call the ForwarderExecutableJAR with the VM details as arguments in order to send the information to the listener application.
A trigger has been developed for FCO to allow the automatic collection and forwarding of VM details. The trigger should be installed on the FCO deployment on an admin level. The trigger code is available here.
A bash script has been developed which routinely polls the Openstack VM repo to check for new VMs. Once a VM with a new UUID is detected, its details are forwarded to the listener application by the ForwarderExecutable. The bash scripts are available here.
A ruby script has been developed to run on Open Nebula in order to detect new VMs which have been created on the platform. The script automatically detects as soon as a new VM is created and calls the forwarder using the collected VM details.
A Java executable has been developed to poll the AWS repo for newly created VMs. Upon detecting a new VM, the JAR calls the ForwarderExecutable with the VM details, which sends them to the listener application. The source code for the AWS JAR is available here.