April 15, 2014

Classes
Tags blog

Nessus Security Scans Using the SoftLayer API

<p>SoftLayer offers free vulnerability scans with all servers. When utilized through the customer portal, it will run a

SoftLayer offers free vulnerability scans with all servers. When utilized through the customer portal, it will run a scan on the primary IP for the given server. Because vulnerabilities and misconfiguration are a fact of life in server administration, SoftLayer recommends running scan regularly to keep you you up-to-date on security risks that may impact your server.

Automating regular vulnerability scans can become effortless when using the SoftLayer API.

Using the SoftLayer API, the SoftLayer_Network_Security_Scanner_Request service can scan any IP address belonging to your account (primary IPs, portable IPs, Static secondary IPs). Below is an example of a CLI script, where the IP you’d like as the target is passed as a command-line argument:

require_once dirname(__FILE__) . '/softlayer-api-php-client/SoftLayer/SoapClient.class.php';
$user = "";
$key = "";
$ip = $argv[1];
 
$accountClient = SoftLayer_SoapClient::getClient('SoftLayer_Account', Null, $user, $key);
$account = accountClient.getObject();
 
$scanClient = SoftLayer_SoapClient::getClient('SoftLayer_Network_Security_Scanner_Request', Null, $user, $key);
 
//The class requires, at least, the following two parameters
$scanTemplate = new stdClass();
$scanTemplate->accountId = $account->id;
$scanTemplate->ipAddress = $ip;
 
$scanner = $scanClient->createObject($scanTemplate);

Above, you are creating a SoftLayer_Network_Security_Scanner_Request template object, and defining the target IP and your SoftLayer account ID.

Now that you’ve started the scan, the status of a any given scan can be checked with its ID and SoftLayer_Network_Security_Scanner_Request::getStatus:

$scanner = $scanClient->getStatus($scanID); 

The benefit of this approach to vulnerability scanning is that you can scan your secondary addresses or virtual machines (for those of us hosting a private cloud on SoftLayer) for a more complete security plan.

Your scans will be available to you through the customer portal once they are complete. They’ll define any perceived vulnerabilities or possible exploitation points for your server so you and your administration team can keep everything running smoothly and securely.

-Joseph