Lynis
From Indie IT Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Lynis is a security auditing tool for Unix and Linux based systems. It performs in-depth security scans, with almost no configuration.
HOWTO: INSTALL:
- Lynis does not need installation just extraction to a folder and is then run from there.
- Visit the website and confirm the current version before proceeding and modify the information below to match.
sudo wget https://downloads.cisofy.com/lynis/lynis-3.0.5.tar.gz sudo tar -xvf /path/to/lynis-3.0.5.tar.gz -C /usr/local/
HOWTO: UPDATE:
cd /usr/local/lynis sudo ./lynis update info # Show update details sudo ./lynis update release # Update Lynis release
INFO: PARAMETERS:
- --checkall or -c : Start the scan.
- --check-update : Checks for Lynis update.
- --cronjob : Runs Lynis as cronjob (includes -c -Q).
- --help or -h : Shows valid parameters
- --quick or -Q : Don’t wait for user input, except on errors
- --version or -V : Shows Lynis version.
Running Lynis without any parameters with generate an error:
sudo /usr/local/lynis./lynis Error: No scanning mode specified! More scan options are available. See man page and online documentation for details
To run a full system scan run the following:
sudo ./lynis audit system -Q
All the information is logged at:
/var/log/lynis.log
Thanks to Techmint.