So what is this Lynis tool all about?
Lynis is a security tool used for auditing Unix based systems it’s main aims are to achieve automated security auditing, compliance testing for standards such as ISO27001, PCI-DSS and HIPAA. It also offers vulnerability detection for areas of the system that could be vulnerable to issues such as privilege escalation.
The tools can run security scans on the system itself or even remotely. The primary goal of this tool is to test the configuration of a system and provide tips to harden security. The tool can also scan for general information and vulnerable software packages and possible configurations flaws in the system.
Lynis is commonly used by the system administrators and security penetration testers to perform audits and assess a system’s security.
Let’s have a look at it in action!
After running the tool on our test machine, we found it displays a number of helpful recommendations in hardening your system. Here is an example below:
How Can I Install it?
You can get the tool HERE
In order to install the tool, you need to clone the GitHub repo of the tool.
git clone https://github.com/CISOfy/lynis
Once the clone is completed you need to execute the following command to run the tool and start its work.
cd lynis; ./lynis audit system
The stable release of the software is currently available for CentOS, Debian, Fedora, OEL, openSUSE, RHEL, Ubuntu and MacOS.
If you want to add features to this tool and customize it you can follow the guidelines of the Lynis Software Development Kit.
The full documentation of the tool is available HERE