If we are working as a System Administrator, Security or System auditor, our responsibilities include tasks like: Security patch installation for OS or Applications, malware scanning, File integrity checks, Security audit, configuration error checks and more. If there is a tool capable of looking for these vulnerabilities automatically it could help us a lot and we can assure we are doing our best to keep the system secure.
One of this tools is Lynis. This tool is supported by multiple platforms including Linux CentOS, Debian, Fedora, FreeBSD, MacOS, Ubuntu and much more.
This tool will audit the system in multiple categories like:
- System Tools
- Boot and Services
- Kernel
- Memory and process
- User, Groups and Authentication methods
- Shells
- FileSystems
- Storage
- Network FileSystems
- Applications
- Name Services: Dns, Bind
- Ports
- Packages
- Network Services: Nginx, Apache
- Print Services
- Mailing and messaging
- SSH
- SNMP
- Databases: MySQL, Oracle, MariaDB
- LDAP
- PHP
- Squid
- Logs
- Insecure Services: inetd
- CronJobs
- Criptography
- Virtualization
- File Integrity
- Malware
- Directories
- And more…
Step 1 – Install Lynis
To install this valuable security tool, all we have to do is run these commands in the terminal as the root user. With these commands, we will create a Dir for Lynis and download the package.
cd /opt git clone https://github.com/CISOfy/lynis
Step 2 – Scan System with Lynis
To run this tool simply run the below command.
cd /opt/lynis ./lynis audit system --quick
Once the tool has finished scanning, it will save its audit report in /var/log/lynis.log. The report will alert us with the found vulnerabilities in our Linux server. It will also give us suggestions to hardened the security.
Check all results and fix vulnerabilities. For example, the result showing expose_php is on in PHP.
2 Comments
how to store the Lynis log report details into mysql database can u pls how should i get it please
thanks advance
How to update lynis because update is available hope to help