Skip to content
grutz@jingojango.net edited this page Sep 28, 2013 · 1 revision

Kvasir begins as a blank slate. The first thing you should do is import the latest CPE data. To do navigate the menu to Administration->CPE Database->Import CPE ($appname/cpe/import_cpe_xml)

There are two options for obtaining the CPE data:

  1. Upload an existing XML database
  2. Have Kvasir download it from NIST

This populates a static table named t_cpe_os in Kvasir.

Adding OS to the "Engagement DB"

A second table, t_os, is used to store the Operating Systems discovered during an engagement. This is done so you can combine the static CPE data and any dynamic OS data. The t_os table is then referenced to hosts using the t_host_os_refs table.

The t_os table can be populated in multiple ways:

  • Automatically during scanner imports
  • Manually through the Add OS Refs or Add OS menu items from the Host Data->OS menu
  • Manually through the Add to Kvasir button from the Administration->CPE Database->List OS DB menu

Linking an OS to a Host

To link an Operating System to a Host navigate the menu to Host Data->OS->Add OS Ref. From here there are five options available:

  • Certainty: A percentage range between 0.00 and 1.00 of how certain you are
  • Device Class: The overall purpose of the Host
  • Family: What family does the Host belong to
  • Host: A t_hosts record to assign
  • OS: The t_os record to assign

The "Host Detail" Page

Host Detail combines all the knowledge about a single host onto one page. From the Operating System tab the t_os database can be added to through the CPE OS Functions drop down button. Two options are presented:

  • Add CPE to OS DB: Open the t_cpe_os list where you can search, select and click the Add to Kvasir button
  • Add Non-CPE OS: Opens a modal dialog to enter Operating System details that will be added to the t_os table.

The Add button on the Host Detail page opens a modal dialog to link a t_os entry to the current host.