How to Check for Vulnerabilities on Linux with Lynis

If we are working as a System Administrator, Security or System auditor, our responsibilities include tasks like: Security patch installation for OS or Applications, malware scanning, File integrity checks, Security audit, configuration error checks and more. If there is a tool capable of looking for these vulnerabilities automatically it could help us a lot and we can assure we are doing our best to keep the system secure.

One of this tools is Lynis. This tool is supported by multiple platforms including Linux CentOS, Debian, Fedora, FreeBSD, MacOS, Ubuntu and much more.

When we scan our Linux Server with Lynis, this tool will audit the system in multiple categories like:

• System Tools
• Boot and Services
• Kernel
• Memory and process
• User, Groups and Authentication methods
• Shells
• FileSystems
• Storage
• Network FileSystems
• Applications
• Name Services: Dns, Bind
• Ports
• Packages
• Network Services: Nginx, Apache
• Print Services
• Mailing and messaging
• SSH
• SNMP
• Databases: MySQL, Oracle, MariaDB
• LDAP
• PHP
• Squid
• Logs
• Insecure Services: inetd
• CronJobs
• Criptography
• Virtualization
• File Integrity
• Malware
• Directories
• And more…

How to Install Lynis

To install this valuable security tool, all we have to do is run these commands in the terminal as the root user. With these commands we will create a Dir for Lynis and download the package.

# cd /root
# mkdir lynis
# cd /root/lynis
# wget http://cisofy.com/files/lynis-1.4.5.tar.gz
# tar xzf lynis-1.4.5.tar.gz

How to Scan System with Lynis

To run the tool we simply run the command:

# cd /root/lynis/lynis-1.4.5
# ./lynis  --check-all --quick

Once the tool has finished scanning, it will save its audit report in /var/log/lynis.log . The report will alert us with the found vulnerabilities in our Linux server. It will also give us suggestions to hardened the security.