Bash Scanner is a fast and reliable way to scan your server for outdated software and potential exploits.
The easiest way to install the Bash Scanner tool is by using wget
to get the runnable shell script. This file is signed with a SHA 256 key and allows you to safely install the security monitor by following several simple steps.
wget https://raw.githubusercontent.com/PatrolServer/bash-scanner/master/patrolserver
In order to run the monitor tool, use the bash
command to execute the shell script downloaded before.
bash patrolserver
After an initial scan, you will be asked to create an account on the PatrolServer dashboard (which is totally optional, you are free to use the tool without an account). The benefit of creating a sustainable account is detailed reporting, together with documentation on how to secure your server.
The script will ask you if it should set a cronjob, this simply means your server software will be in sync for daily scans. And you will be reported by email when your current software becomes outdated.
The Bash Scanner currently detects the following software for updates (keep in mind, this list is an ongoing process and more software packages will be added in the future):
- Debian* + dotdeb
- Ubuntu*
- OpenSSL*
- OpenSSH*
- cPanel
- Nginx*
- Laravel
- Apache*
- PHP*
- BIND*
- Drupal + modules
- Composer modules
- Wordpress + plugins
*: This software also returns the exploits information.