Table des matières

Installing Svalinn

See here for prerequisites: https://wiki.esia-sa.com/intro/prerequis#box_svalinn

Svalinn Scanner

copy
apt update
apt install gnupg
copy
echo "deb http://stable.repository.esia-sa.com/esia bullseye contrib non-free" >> /etc/apt/sources.list
wget -O- "http://stable.repository.esia-sa.com/esia/gnupg.key" | apt-key add -
copy
apt update
apt install snmpd -y
apt install gesa-base -y
apt install gesa-web-interface -y
apt install gesa-svalinn-base -y

Add the serial number

You need to edit the /etc/gesa/sn file

copy
echo "<ton SN>" > /etc/gesa/sn

Configure SNMP

Next, edit the :

copy
nano /etc/snmp/snmpd.conf

You then need to configure the SNMP community by adding the following line:

copy
rocommunity public localhost

Save the file with ctrl+o and ctrl+x to exit.

Restart services

copy
/etc/init.d/snmpd restart
/etc/init.d/ecatp-client restart

Your Unity is now active and should appear in your interface like a regular Unity. You can go to the following tutorial following tutorial.

Esia mercury with Svalinn

copy
apt update
apt install gnupg
copy
echo "deb http://stable.repository.esia-sa.com/esia bullseye contrib non-free" >> /etc/apt/sources.list
wget -O- "http://stable.repository.esia-sa.com/esia/gnupg.key" | apt-key add -
copy
echo "deb http://svalin.repository.esia-sa.com/svalin bullseye contrib non-free" >> /etc/apt/sources.list
wget -O- "http://svalin.repository.esia-sa.com/svalin/gnupg.key" | apt-key add -
copy
apt update
apt install esia-enterprise-base esia-db-plugins-gesa esia-ecatp-server
apt install esia-webp-svascan esia-webp-inventory
apt install esia-svalin-cve-all

Configure interfaces

Once you have installed the vulnerability scanner. You need to add the interfaces from the graphical interface. Then go to the interface tab.

Click on the +, fill in the form and choose the interface.

VM Svalinn scanner under VMWare

If you are using VMWare, Svalinn scans may not detect nodes (even in the same VLAN). This is due to the use of containers and macvlan network drivers which require the VM to use different mac addresses to the network interface (VMWare).

You can check the following options in VMWare:

VM Svalinn scanner under HyperV

From the Hyper-V graphical interface, you can activate this option by accessing the virtual machine settings. Click on the “+“symbol next toNetwork card“and then selectAdvanced features”. Finally, tick the option “Enable MAC address spoofing”.