Brandeis University Security scanning system Copyright 2008 Brandeis University This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . == How it works == A central database stores security information about hosts. A web interface displays that information to administrators, and optionally to users. For Nessus users, a PHP script runs Nessus in a loop to continuously scan machines that arp reports are up. The script also loads the resulting output file into the database. For PVS users, a cron job invokes a PHP script every few minutes. The script loads the PVS output file into the database. == Requirements == * UNIX-like system (developed on RedHat Linux) * PHP * The Brandeis arp2db program, for efficient scanning * Tenable Nessus and/or PVS * Some authentication system (developed with UMich Cosign) == Setup == 1. Create a MySQL database to hold the data. Load the schema from etc/secscan.sql into it. 2. Copy the contents of sbin/ somewhere, like /usr/local/sbin/. If you pick somewhere else, you'll need to specify that in the files in steps 6 and 7. 3. Copy the files from htdocs/* somewhere in the web server's document root that PHP is parsed. 4. Edit lib/secscan-config.php. Set appropriate values for your school and your Nessus/PVS install. 5. Copy the files from lib/* somewhere in the PHP include path. I like to create /usr/local/lib/php and add that to the path in php.ini. 6. PVS users, install etc/pvs-cron into /etc/cron.d/ or similar. 7. Nessus users, install etc/nessus-scan.init in /etc/init.d or similar and configure it to run on system startup if desired.