Difference between revisions of "Lynis"

From Indie IT Wiki
imported>Indieit
 
 
(3 intermediate revisions by the same user not shown)
Line 6: Line 6:
 
* Visit the website and confirm the current version before proceeding and modify the information below to match.
 
* Visit the website and confirm the current version before proceeding and modify the information below to match.
  
  sudo wget https://cisofy.com/files/lynis-2.2.0.tar.gz
+
  sudo wget <nowiki>https://downloads.cisofy.com/lynis/lynis-3.0.5.tar.gz</nowiki>
  sudo tar -xvf /path/to/lynis-2.2.0.tar.gz -C /usr/local/
+
  sudo tar -xvf /path/to/lynis-3.0.5.tar.gz -C /usr/local/
  
 
== '''HOWTO: UPDATE:''' ==
 
== '''HOWTO: UPDATE:''' ==
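Review bot: nothing between the new `wget` line and the `tar -xvf ... -C /usr/local/` line checks the integrity of the tarball, and the extraction runs under sudo into a system directory. Suggest adding a step that compares the file's checksum or signature with the value the vendor publishes before extracting. The `wget` line also saves to the current directory while the `tar` line reads from `/path/to/`, so stating where the download is expected to land would make the two commands line up.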
Line 33: Line 33:
 
To run a full system scan run the following:
 
To run a full system scan run the following:
 
   
 
   
  sudo ./lynis --check-all
+
  sudo ./lynis audit system -Q
 
 
As each section completes you will be presented with:
 
 
 
[ Press [ENTER] to continue, or [CTRL]+C to stop ]
 
 
 
To run a full scan without prompting use the following:
 
 
 
sudo ./lynis -c -Q
 
  
 
All the information is logged at:
 
All the information is logged at:
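Review bot: the PARAMETERS list is left out of step with this hunk. The run commands here move from `--check-all` and `-c -Q` to `audit system -Q`, yet the resulting revision still lists `--checkall or -c : Start the scan.` and describes `--cronjob` as including `-c -Q`. Suggest updating or annotating those entries in the same edit so readers are not pointed back at the invocation this change removes.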

Latest revision as of 09:05, 16 July 2021

Lynis is a security auditing tool for Unix and Linux based systems. It performs in-depth security scans, with almost no configuration.

HOWTO: INSTALL:

  • Lynis does not need to be installed; it is simply extracted to a folder and run from there.
  • Visit the website and confirm the current version before proceeding and modify the information below to match.
sudo wget https://downloads.cisofy.com/lynis/lynis-3.0.5.tar.gz
sudo tar -xvf /path/to/lynis-3.0.5.tar.gz -C /usr/local/
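
An added example, not part of the original wiki page or the Lynis project: a shell function that checks the downloaded tarball against a SHA-256 value and rejects archive members outside `lynis/` before extracting as root. The function name `verify_and_extract` is hypothetical, and the expected hash is assumed to be copied by hand from the vendor's download page.

```shell
#!/bin/sh
# Added example: verify a Lynis tarball before extracting it.
# verify_and_extract TARBALL EXPECTED_SHA256 DESTDIR
# Returns 0 on success; non-zero (and extracts nothing) if a check fails.
# Assumption: EXPECTED_SHA256 was copied from the vendor's download page.
verify_and_extract() {
    tarball=$1; expected=$2; dest=$3

    [ -f "$tarball" ] || { echo "missing: $tarball" >&2; return 2; }

    # 1. Compare the file's digest with the published value.
    actual=$(sha256sum "$tarball" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $tarball" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi

    # 2. Every member must sit under lynis/: no absolute paths, no "..".
    if tar -tf "$tarball" | grep -Ev '^lynis(/|$)' | grep -q . ||
       tar -tf "$tarball" | grep -Eq '(^|/)\.\.(/|$)'; then
        echo "unexpected path in $tarball" >&2
        return 3
    fi

    # 3. Extract without restoring the ownership recorded in the archive.
    tar -xf "$tarball" -C "$dest" --no-same-owner
}

# Usage (replace the placeholder with the published hash):
#   verify_and_extract lynis-3.0.5.tar.gz <published-sha256> /usr/local
```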

HOWTO: UPDATE:

cd /usr/local/lynis
sudo ./lynis update info # Show update details
sudo ./lynis update release # Update Lynis release

INFO: PARAMETERS:

  • --checkall or -c : Start the scan.
  • --check-update : Checks for Lynis update.
  • --cronjob : Runs Lynis as cronjob (includes -c -Q).
  • --help or -h : Shows valid parameters
  • --quick or -Q : Don’t wait for user input, except on errors
  • --version or -V : Shows Lynis version.

Running Lynis without any parameters will generate an error:

sudo /usr/local/lynis/lynis

 Error: No scanning mode specified!
 More scan options are available. See man page and online documentation for details

To run a full system scan run the following:

sudo ./lynis audit system -Q

All the information is logged at:

/var/log/lynis.log

Thanks to Techmint.