Agent-Less inventory scan of Linux machines ?

jibbajabba

Got a lot of Linux machines not many people know what they do. Is there a piece of software which can connect via SSH, scans the systems and report what actually runs on it ?

I could go through manually, but that takes ages

dmoore44

Since I don't know what your budget is or the size of your environment... check out the Tripwire ip360 product. It is an agentless solution and offers vulnerability scanning, software inventories, and automatic host discovery.

Competitors to ip360 include McAfee Vulnerability Manager, Tenable Nessus, and Rapid7 nexPose. They're all probably more than you really need (especially if the only thing you're looking for is a software inventory...) - in which case, I would just write a shell script that pulls all the software registered in the server's package manager and also gathers information about the boot services and running services.

kiki162

McAfee Vulnerability Manager works pretty well here. Put an exception on your AV so it can scan properly. I've played with Nessus too, and it's not bad at all. NMap (Download the Free Nmap Security Scanner for Linux/MAC/UNIX or Windows) is also a nice port scanner.

onesaint

Perl, Python, etc. and PS.

Write something to scan a subnet, ssh and run a remote command (like ps) per host, then **** to a local file. You can remove lines from the file with common services/processes and scan over the rest. Heck, name the files by ip/hostname and then grep through your directory for common processes (e.g., httpd), then you'll find anything running a web server. Or check out Python modules like psutils:psutil - A cross-platform process and system utilities module for Python - Google Project Hosting .