
Web application inventory scanner not working?

Posted: Mon May 26, 2014 8:52 am
by prupert
For months we haven't seen a working version of the ASL web application inventory scanner. Is there something we should configure to make it work?

We have configured 'APPINV_CRON' as 'weekly' in /etc/asl/config.

The file /var/asl/data/webapp.db does seem to get touched weekly, but it contains nothing more than a single newline.

Re: Web application inventory scanner not working?

Posted: Mon May 26, 2014 10:43 am
by mikeshinn
It's only designed to find old known vulnerable applications. If it's not turning anything up, then there's no known old web applications on the system.

Re: Web application inventory scanner not working?

Posted: Mon May 26, 2014 10:53 am
by prupert
mikeshinn wrote: It's only designed to find old known vulnerable applications. If it's not turning anything up, then there's no known old web applications on the system.
We have recently manually made an inventory of web applications for a large web hosting company which does lots of shared hosting, and found several outdated vulnerable web applications (such as Joomla 1.5, ZenCart, WordPress 2.x etc.). On these servers the ASL web application inventory scanner gives no results at all.

Surely something must be wrong, right? Is there anything we can do to further debug the working of the ASL web application inventory scanner?

Re: Web application inventory scanner not working?

Posted: Mon Jun 16, 2014 7:17 am
by prupert
*bump*

We haven't encountered a single ASL machine where the web application inventory scanner actually reported something. Is there anything we can do to further debug this component? Or can you take a look?

Re: Web application inventory scanner not working?

Posted: Thu Feb 26, 2015 9:12 am
by prupert
prupert wrote: *bump*

We haven't encountered a single ASL machine where the web application inventory scanner actually reported something. Is there anything we can do to further debug this component? Or can you take a look?
This post from June 2014 never got a reply. I also noted that the APPINV rules are over a year old.

Is the ASL web inventory scanner dead?