If we work as a system administrator or as a security or system auditor, our responsibilities include tasks like installing security patches for the OS or applications, malware scanning, file integrity checks, security audits, checking for configuration errors and more. A tool that looks for these vulnerabilities automatically can help us a lot, and lets us be confident that we are doing our best to keep the system secure.


One of these tools is Lynis. It supports multiple platforms, including Linux distributions such as CentOS, Debian, Fedora and Ubuntu, as well as FreeBSD, macOS and many more.

This tool will audit the system in multiple categories like:

    • System Tools
    • Boot and Services
    • Kernel
    • Memory and process
    • User, Groups and Authentication methods
    • Shells
    • FileSystems
    • Storage
    • Network FileSystems
    • Applications
    • Name Services: DNS, BIND
    • Ports
    • Packages
    • Network Services: Nginx, Apache
    • Print Services
    • Mailing and messaging
    • SSH
    • SNMP
    • Databases: MySQL, Oracle, MariaDB
    • LDAP
    • PHP
    • Squid
    • Logs
    • Insecure Services: inetd
    • CronJobs
    • Cryptography
    • Virtualization
    • File Integrity
    • Malware
    • Directories
    • And more…

Step 1 – Install Lynis

To install this valuable security tool, all we have to do is run these commands in the terminal as the root user. They download Lynis from its Git repository into the /opt/lynis directory.

cd /opt
git clone https://github.com/CISOfy/lynis

Step 2 – Scan System with Lynis

To run the audit, use the commands below.

cd /opt/lynis
./lynis audit system --quick

Once the tool has finished scanning, it will save its audit report in /var/log/lynis.log. The report alerts us to the vulnerabilities found on our Linux server and gives us suggestions to harden its security.


Check all the results and fix the vulnerabilities found; for example, a result showing that expose_php is on in PHP.
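To make the results easier to review after each scan, the script below (an added example, not part of Lynis or of the original article) lists the warnings and suggestions from a scan together with the hardening index. It assumes Lynis also writes machine-readable report data to /var/log/lynis-report.dat with `warning[]=` and `suggestion[]=` lines; the function names and the embedded sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise a Lynis report data file.
# Assumption: Lynis writes key=value data to /var/log/lynis-report.dat, with
# findings as  warning[]=ID|text|details|solution|  and  suggestion[]=...

# Write a constructed sample report (not real scan output) to the path in $1.
write_sample_report() {
    cat > "$1" <<'EOF'
# constructed sample in the Lynis report format
hardening_index=62
warning[]=PKGS-7392|Found one or more vulnerable packages.|-|-|
suggestion[]=PHP-2372|Turn off PHP information exposure|expose_php = Off|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
EOF
}

# Print "ID<TAB>text<TAB>details" for every finding of kind $1 in file $2.
lynis_findings() {
    awk -F'|' -v kind="$1" '
        index($0, kind "[]=") == 1 {
            id = substr($1, length(kind) + 4)   # strip the "kind[]=" prefix
            printf "%s\t%s\t%s\n", id, $2, $3
        }' "$2"
}

# Number of findings of kind $1 in file $2.
lynis_count() { lynis_findings "$1" "$2" | awk 'END { print NR }'; }

# Hardening index (0-100) recorded by the scan.
lynis_hardening_index() { sed -n 's/^hardening_index=//p' "$1"; }

# Human-readable summary: score first, then warnings before suggestions.
lynis_summary() {
    echo "Hardening index: $(lynis_hardening_index "$1")"
    for kind in warning suggestion; do
        echo "${kind}s: $(lynis_count "$kind" "$1")"
        lynis_findings "$kind" "$1" | sed 's/^/  /'
    done
}

report="${1:-/var/log/lynis-report.dat}"
if [ ! -r "$report" ]; then          # no scan data here: use the sample
    report=$(mktemp)
    write_sample_report "$report"
fi
lynis_summary "$report"
```

Run it as root after a scan, or pass the path of a report copied from another server as the first argument; saving the output after each audit makes it easy to see which findings have been fixed.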
