Auditing a Linux Machine with the Lynis Auditing Tool

I am sure everyone understands how important it is to keep a Linux system in a secure state, whether you run CentOS, Red Hat Enterprise Linux or Ubuntu Linux. There are plenty of tools available, free or paid, with one goal: making sure your system is up to standard and meets its security requirements. Lately I have been playing with a small but very fast and great auditing tool called Lynis.

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes. The software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems. It can be run without prior installation, so running it from read-only storage (USB stick, CD/DVD) is no problem.

Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.

Examples of audit tests:

  • Available authentication methods
  • Expired SSL certificates
  • Outdated software
  • User accounts without password
  • Incorrect file permissions
  • Firewall auditing

The tool is fast, and it installs easily on almost all Linux distributions available today. It scans your system for security holes, looking for expired SSL certificates, incorrect file permissions, outdated packages and more. Once the scan is completed you get a rating from 0 to 100 for your system, along with suggestions on the findings and how to fix them 🙂

Here are the steps to install and run the Lynis auditing tool on CentOS:

su
wget http://www.rootkit.nl/files/lynis-1.3.0.tar.gz
tar xzvf lynis-1.3.0.tar.gz
cd lynis-1.3.0

Now you are ready to run the audit on your Linux system. The -c flag checks the full system. Once the script starts, it pauses for your input after each category of scan; to have it run quickly and without stops, add the -Q flag to the command line.

su
cd lynis-1.3.0
sh lynis -c --auditor "sysadmin" -Q
##  to see all available flags/options run this ##
sh lynis -h

Once the scan is completed you are presented with the score, findings and suggestions for your system.
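
To track the score over time, or to fail a scheduled audit when it drops, the results can be read back from the report file instead of from the screen. The script below is an added example, not part of the original post or of Lynis itself; it assumes the report is key=value text (hardening_index, warning[], suggestion[]) written to /var/log/lynis-report.dat, and the function names and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post or the Lynis project.
# Assumption: the report is plain key=value text containing
#   hardening_index=<0-100>, warning[]=<id>|<text>|, suggestion[]=<id>|<text>|
# and is written to /var/log/lynis-report.dat after a scan.

# lynis_field FILE KEY: print the value of the last "KEY=value" line.
lynis_field() {
    awk -F= -v k="$2" '$1 == k { v = substr($0, length(k) + 2) } END { print v }' "$1"
}

# lynis_count FILE KEY: count "KEY[]=..." entries (prints 0 when none).
lynis_count() {
    awk -v p="$2[]=" 'index($0, p) == 1 { n++ } END { print n + 0 }' "$1"
}

# lynis_gate FILE MIN_SCORE [MAX_WARNINGS]
# Returns 0 when the host meets the baseline, 1 when it does not,
# 2 when the report has no usable hardening_index.
lynis_gate() {
    score=$(lynis_field "$1" hardening_index)
    case "$score" in
        ''|*[!0-9]*) echo "no hardening_index in $1" >&2; return 2 ;;
    esac
    warnings=$(lynis_count "$1" warning)
    echo "score=$score warnings=$warnings suggestions=$(lynis_count "$1" suggestion)"
    [ "$score" -ge "$2" ] && [ "$warnings" -le "${3:-0}" ]
}

# make_sample: write a constructed report (placeholder IDs and texts).
make_sample() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# constructed sample report
hardening_index=62
warning[]=TEST-0001|Constructed warning text|
suggestion[]=TEST-0002|Constructed suggestion text|
suggestion[]=TEST-0003|Constructed suggestion text|
EOF
    echo "$f"
}

sample=$(make_sample)
lynis_gate "$sample" 70 || echo "below baseline: review the warnings and suggestions"
rm -f "$sample"
```

On a real host, point lynis_gate at the report path printed at the end of the scan and pick the minimum score and warning limit that match your own baseline.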
