Wednesday, June 16, 2010
12:07 PM

lynis - Security and System auditing tool for Linux

Lynis is an auditing tool for Unix (specialists). It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Lynis can be run as a cron-job, or from the command line. It needs to have full access to the system, so running it as root (or with sudo rights) is required.

The following system areas are checked:
 * Boot loader files
 * Configuration files
 * Common files by software packages
 * Directories and files related to logging and auditing

Installation:
openSUSE users can install Lynis using the "1-click" installer - here
Lynis doesn't have to be installed, so it can be used directly from a (removable) disk.

Steps to run Lynis without installing:
 * Download the source from here
 * Create a directory (/usr/local/lynis)
 * Unpack the tarball (tar xfvz lynis-version.tar.gz) into this directory.

Using/Running Lynis:
You can start it with 'lynis' (if it is installed and the file is available in your binary path), or with 'sh lynis' or './lynis'.

Without parameters, Lynis will print the list of valid parameters and return to the shell prompt. At least the '-c' (--check-all) parameter is needed to start the scan process.
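Because Lynis runs as root straight from an unpacked directory, it is worth confirming before each run that no other account can modify anything in that directory. The shell functions below are an added example, not part of the original post or of Lynis itself; the function names are hypothetical, and the default path is the /usr/local/lynis directory from the steps above.

```shell
#!/bin/sh
# Added example, not from the original post or the Lynis project.
# Function names are hypothetical; the default directory follows the
# post's /usr/local/lynis.

# Succeeds only if the invoking user can trust the unpacked tree:
# the lynis script exists, and nothing in the tree is owned by another
# user or writable by group/other. Symlinks are skipped because their
# own mode bits are not meaningful.
lynis_tree_is_safe() {
    dir=$1
    [ -f "$dir/lynis" ] || { echo "no lynis script in $dir" >&2; return 1; }
    bad=$(find "$dir" ! -type l \
        \( ! -user "$(id -u)" -o -perm -020 -o -perm -002 \) -print)
    if [ -n "$bad" ]; then
        echo "refusing to run, untrusted paths:" >&2
        echo "$bad" >&2
        return 1
    fi
    return 0
}

# Start the full scan from inside the unpacked directory, as the post
# describes: 'sh lynis' with the -c (--check-all) parameter.
run_lynis_scan() {
    dir=${1:-/usr/local/lynis}
    lynis_tree_is_safe "$dir" || return 1
    (cd "$dir" && sh lynis -c)
}
```

Source the file and call `run_lynis_scan` as root, or call it from the script that cron executes, so a tampered tree is rejected instead of being run with full privileges.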

Below is the Lynis report when run on my PC ...
