Unicornscan and PostgreSQL -------------------------- 1. The PostgreSQL service has to be up and running. Depending on the exact version of Slackware, on the first PostgreSQL startup, a "initdb -D \ /var/lib/pgsql/data" is maybe required for initializing. bash-4.2# /etc/rc.d/rc.postgresql start 2. Switch to the PostgreSQL user. bash-4.2# su - postgres postgres@darkstar:~$ 3. Create an own PostgreSQL database user for unicornscan. Don't forget to set a password, e.g. "scanit!" as it is used in all examples. postgres@darkstar:~$ createuser --no-superuser --no-createrole --no-createdb --pwprompt unicornscan Enter password for new role: Enter it again: 4. Create an own PostgreSQL database for unicornscan linked with the previous generated database user for unicornscan. postgres@darkstar:~$ createdb --owner unicornscan unicornscan 5. Switch back to the root user. postgres@darkstar:~$ exit bash-4.2# 6. Edit PostgreSQL client authentication file /var/lib/pgsql/data/pg_hba.conf file with a text editor, insert the following lines before the other already existing rules. # TYPE DATABASE USER CIDR-ADDRESS METHOD local unicornscan unicornscan md5 host unicornscan unicornscan 127.0.0.1/32 md5 host unicornscan unicornscan ::1/128 md5 7. Edit PostgreSQL server configuration in /var/lib/pgsql/data/postgresql.conf and set the configuration variable as follows: escape_string_warning = off 8. Restart the PostgreSQL service to enable the previous performed changes. bash-4.2# /etc/rc.d/rc.postgresql restart Restarting PostgreSQL... waiting for server to shut down.... done server stopped server starting 9. Create the required tables for unicornscan inside of PostgreSQL database, there will be some error messages displayed after entering the password for psql. These error messages are normal and expected, because the SQL dump contains a SQL DROP of all tables before the SQL CREATE is performed. bash-4.2# psql --username unicornscan --password unicornscan < /usr/doc/unicornscan-0.*/pgsql_schema.sql Password for user unicornscan: [...] bash-4.2# psql --username unicornscan --password unicornscan < /usr/doc/unicornscan-0.*/session.sql Password for user unicornscan: [...] 10. Edit the unicornscan configuration file /etc/unicornscan/modules.conf and check or correct the PostgreSQL database connection settings. module "pgsqldb" { dbconf: "user=unicornscan password=scanit! host=localhost dbname=unicornscan"; logpacket: "true"; }; 11. Perform a small sample scan and write the output to PostgreSQL database. bash-4.2# unicornscan www.google.com -e pgsqldb TCP open http[ 80] from 209.85.129.104 ttl 52 TCP open https[ 443] from 209.85.129.104 ttl 52