Difference between revisions of "Lynis"
From Indie IT Wiki
Plittlefield (talk | contribs) |
Plittlefield (talk | contribs) |
||
Line 41: | Line 41: | ||
Thanks to [http://www.tecmint.com/linux-security-auditing-and-scanning-with-lynis-tool/ Techmint]. | Thanks to [http://www.tecmint.com/linux-security-auditing-and-scanning-with-lynis-tool/ Techmint]. | ||
− | [[Category | + | [[Category:Software]] |
− | [[Category | + | [[Category:Linux]] |
Latest revision as of 09:05, 16 July 2021
Lynis is a security auditing tool for Unix and Linux based systems. It performs in-depth security scans, with almost no configuration.
HOWTO: INSTALL:
- Lynis does not need installation just extraction to a folder and is then run from there.
- Visit the website and confirm the current version before proceeding and modify the information below to match.
sudo wget https://downloads.cisofy.com/lynis/lynis-3.0.5.tar.gz sudo tar -xvf /path/to/lynis-3.0.5.tar.gz -C /usr/local/
HOWTO: UPDATE:
cd /usr/local/lynis sudo ./lynis update info # Show update details sudo ./lynis update release # Update Lynis release
INFO: PARAMETERS:
- --checkall or -c : Start the scan.
- --check-update : Checks for Lynis update.
- --cronjob : Runs Lynis as cronjob (includes -c -Q).
- --help or -h : Shows valid parameters
- --quick or -Q : Don’t wait for user input, except on errors
- --version or -V : Shows Lynis version.
Running Lynis without any parameters with generate an error:
sudo /usr/local/lynis./lynis Error: No scanning mode specified! More scan options are available. See man page and online documentation for details
To run a full system scan run the following:
sudo ./lynis audit system -Q
All the information is logged at:
/var/log/lynis.log
Thanks to Techmint.