Automating Vulnerability Assessment with Terrapin Scanner Using Ansible

Strengthening Cybersecurity Defenses Through Automated Vulnerability Assessment with Terrapin Scanner and Ansible Playbooks.

January 4, 2024

Introduction

In the rapidly evolving landscape of cybersecurity, regular vulnerability assessments are essential to identify and mitigate potential security risks. The Terrapin Vulnerability Scanner, developed by the RUB-NDS research group, offers a powerful tool for scanning and evaluating the security posture of systems. In this article, we explore how Ansible, a popular automation tool, can be leveraged to streamline the process of deploying and executing the Terrapin Scanner.

Understanding the Ansible Playbook

The provided Ansible playbook is a set of instructions written in YAML format, defining a sequence of tasks to be executed on remote hosts. Let’s break down the key components of the playbook:

---
- name: Terrapin Vulnerability Scanner
  hosts: all
  gather_facts: false
  vars:
    scanner: "Terrapin_Scanner_MacOS_arm64_darwin"
    target: "rhel.example.com"
    version: "1.1.0"
    myurl: "https://github.com/RUB-NDS/Terrapin-Scanner/releases/download/v{{ version }}/{{ scanner }}"
    mydest: "./"
    cli_params: "-json -connect {{ target }}"
  tasks:
    - name: Download the scanner
      ansible.builtin.get_url:
        url: "{{ myurl }}"
        dest: "{{ mydest }}"
        mode: '0644'

    - name: Set scanner execution permission
      ansible.builtin.file:
        dest: "{{ mydest }}/{{ scanner }}"
        mode: 'a+x'

    - name: Execute the scanner
      ansible.builtin.command: "{{ mydest }}/{{ scanner }} {{ cli_params }}"
      register: command_output

    - name: Print message on the screen
      ansible.builtin.debug:
        var: command_output

Explanation of the Playbook

• hosts: all: Specifies that the tasks will be executed on all hosts.
• gather_facts: false: Disables the gathering of facts about the target hosts. Facts include information about the system, such as IP address, OS version, etc.
• vars: Defines variables used throughout the playbook, such as the scanner name, target host, version, download URL, destination directory, and command-line parameters.
• tasks: Describes a series of tasks to be executed in order.
• Download the scanner: Uses the get_url Ansible module to download the Terrapin Scanner from the specified URL and save it to the destination directory.
• Set scanner execution permission: Uses the file Ansible module to set the execution permission for the downloaded scanner.
• Execute the scanner: Runs the Terrapin Scanner with the specified command-line parameters.
• Print message on the screen: Displays the output of the scanner execution for further analysis.

The Best Resources For Ansible

Certifications

• The Linux Foundation Linux Performance Tuning - Build a broad toolkit to optimize Linux performance from the kernel up

• Coursera Pro - Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs—all included in your subscription

Video Course

• Udemy: Learn Ansible Automation in 250+examples & practical lessons: Learn Ansible with some real-life examples of how to use the most common modules and Ansible Playbook

Printed Book

• Ansible For VMware by Examples
  Buy on Amazon Buy on Apress
• Ansible for Kubernetes by Example
  Buy on Amazon Buy on Apress
• Hands-on Ansible Automation
  Buy on Amazon Buy on BPB
• Red Hat Ansible Automation Platform
  Buy on Amazon Buy on BPB

eBooks

• Buy on Leanpub Ansible by Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps
• Buy on Leanpub Ansible Cookbook: A Comprehensive Guide to Unleashing the Power of Ansible via Best Practices, Troubleshooting, and Linting Rules with Luca Berton
• Buy on Leanpub Terraform By Example: A Practical Approach for Beginners to Learn Cloud Infrastructure with Terraform
• Buy on Leanpub Ansible For Windows By Examples: 50+ Automation Examples For Windows System Administrator And DevOps
• Buy on Leanpub Ansible For Linux by Examples: 100+ Automation Examples For Linux System Administrator and DevOps
• Buy on Leanpub Ansible Linux Filesystem By Examples: 40+ Automation Examples on Linux File and Directory Operation for Modern IT Infrastructure
• Buy on Leanpub Ansible For Security by Examples: 100+ Automation Examples to Automate Security and Verify Compliance for IT Modern Infrastructure
• Buy on Leanpub Ansible Tips and Tricks: 10+ Ansible Examples to Save Time and Automate More Tasks
• Buy on Leanpub Ansible Linux Users & Groups By Examples: 20+ Automation Examples on Linux Users and Groups Operation for Modern IT Infrastructure
• Buy on Leanpub Ansible For PostgreSQL by Examples: 10+ Examples To Automate Your PostgreSQL database
• Buy on Leanpub Ansible For Amazon Web Services AWS By Examples: 10+ Examples To Automate Your AWS Modern Infrastructure
• Buy on Leanpub Ansible Automation Platform By Example: A step-by-step guide for the most common user scenarios

Execution

• localhost inventory

localhost ansible_connection=local

• Playbook Execution

ansible-playbook -i inventory terrapin.yml

• Output for a vulnerable OpenSSH connection

PLAY [Terrapin Vulnerability Scanner] ***************************************************

TASK [Download the scanner] *************************************************************
changed: [localhost]

TASK [Set scanner execution permission] *************************************************
changed: [localhost]

TASK [Execute the scanner] **************************************************************
changed: [localhost]

TASK [Print message on the screen] ******************************************************
ok: [localhost] => {
    "command_output": {
        "changed": true,
        "cmd": [
            ".//Terrapin_Scanner_MacOS_arm64_darwin",
            "-json",
            "-connect",
            "rhel.example.com"
        ],
        "delta": "0:00:00.574565",
        "end": "2024-01-04 13:01:22.774207",
        "failed": false,
        "msg": "",
        "rc": 0,
        "start": "2024-01-04 13:01:22.199642",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "{\n    \"Banner\": \"SSH-2.0-OpenSSH_8.7\",\n    \"SupportsChaCha20\": true,\n    \"SupportsCbcEtm\": false,\n    \"SupportsStrictKex\": false,\n    \"Vulnerable\": true\n}",
        "stdout_lines": [
            "{",
            "    \"Banner\": \"SSH-2.0-OpenSSH_8.7\",",
            "    \"SupportsChaCha20\": true,",
            "    \"SupportsCbcEtm\": false,",
            "    \"SupportsStrictKex\": false,",
            "    \"Vulnerable\": true",
            "}"
        ]
    }
}

PLAY RECAP ******************************************************************************
localhost                  : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Conclusion

Automating vulnerability assessments with tools like Terrapin Scanner and Ansible can significantly enhance the efficiency and consistency of security practices. This Ansible playbook serves as a template for deploying Terrapin Scanner, making it easier for security professionals to integrate vulnerability scanning into their regular workflows. As cyber threats continue to evolve, proactive measures, such as automated vulnerability assessments, play a crucial role in maintaining a robust cybersecurity posture.

Academy

Learn the Ansible automation technology with some real-life examples in my 200+ Lessons Video Course

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

Donate

Want to keep this project going? Please donate

Patreon Buy me a Pizza