Lynis

From Indie IT Wiki
Jump to: navigation, search

Lynis is a security auditing tool for Unix and Linux based systems. It performs in-depth security scans, with almost no configuration.

HOWTO: INSTALL:

  • Lynis does not need installation just extraction to a folder and is then run from there.
  • Visit the website and confirm the current version before proceeding and modify the information below to match.
sudo wget https://cisofy.com/files/lynis-2.2.0.tar.gz
sudo tar -xvf /path/to/lynis-2.2.0.tar.gz -C /usr/local/

HOWTO: UPDATE:

cd /usr/local/lynis
sudo ./lynis update info # Show update details
sudo ./lynis update release # Update Lynis release

INFO: PARAMETERS:

  • --checkall or -c : Start the scan.
  • --check-update : Checks for Lynis update.
  • --cronjob : Runs Lynis as cronjob (includes -c -Q).
  • --help or -h : Shows valid parameters
  • --quick or -Q : Don’t wait for user input, except on errors
  • --version or -V : Shows Lynis version.

Running Lynis without any parameters with generate an error:

sudo /usr/local/lynis./lynis

 Error: No scanning mode specified!
 More scan options are available. See man page and online documentation for details

To run a full system scan run the following:

sudo ./lynis --check-all

As each section completes you will be presented with:

[ Press [ENTER] to continue, or [CTRL]+C to stop ]

To run a full scan without prompting use the following:

sudo ./lynis -c -Q

All the information is logged at:

/var/log/lynis.log

Thanks to Techmint.