Check systems security with Lynis


How many times have you wondered about the security of your systems? Using Linux or Mac is not enough! You must check and configure your systems to be as secure as possible. To do this we can use Lynis, a command-line utility that checks systems for malware, misconfigurations, integrity problems, etc.
Lynis is easy to install and is available for Debian-like and RedHat-like distros, FreeBSD and Mac OS X.

As is well explained on the rootkit.nl website, “Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It can be run without prior installation, so inclusion on read only storage is no problem (USB stick, cd/dvd).

Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.”

In this article I’ll show you how to install and run Lynis on your PC.

First of all we have to download the Lynis sources from its official web site at http://www.rootkit.nl. At the moment the latest version available is 1.3.0.
If you want to install Lynis using packages you can check the site for RPM or Debian packages.
Sources are available for download using the direct link at http://www.rootkit.nl/files/lynis-1.3.0.tar.gz

Once it has downloaded, we need to open a terminal in the download directory and run the command

sudo tar xvfvz lynis-1.3.0.tar.gz -C /opt

to extract Lynis under the /opt directory. This is the only step needed to install Lynis on your system.

We can now start the first system assessment using:

/opt/lynis-1.3.0/lynis --check-all

The tool will start several checks on the system, and you have to confirm every group of tests by pressing ENTER. This is useful if you want to stop the tests or to follow every single operation performed by Lynis.

At the end of the scan Lynis will show you a report of vulnerabilities and warnings that you can use to tune your system security.

If you want to run all tests without any interaction, just run

/opt/lynis-1.3.0/lynis --check-all -Q

NOTICE: if you run into the error “Make sure to execute Lynis from untarred directory or check installation”, run the tool from its own directory:

cd /opt/lynis-1.3.0
/opt/lynis-1.3.0/lynis --check-all -Q
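
After a non-interactive run, the findings can be pulled out of the report file instead of being read off the screen. The script below is an added example, not part of the original article or of Lynis itself. It assumes the report is a key=value text file at /var/log/lynis-report.dat containing warning[]= and suggestion[]= lines with pipe-separated values; the sample report inside it is constructed.

```shell
#!/bin/sh
# Added example: summarise findings from a Lynis report after a -Q run.
# Assumptions (not from the article): findings appear in the report as
# warning[]=... and suggestion[]=... lines whose value is pipe-separated
# with the test ID first; the default path may differ per version/install.
REPORT_DEFAULT=/var/log/lynis-report.dat

# Print one line per finding: "<kind> <test-id> <remaining non-empty fields>"
list_findings() {
    awk '
        /^(warning|suggestion)\[\]=/ {
            kind = substr($0, 1, index($0, "[") - 1)
            n = split(substr($0, index($0, "=") + 1), f, "|")
            text = ""
            for (i = 2; i <= n; i++)
                if (f[i] != "" && f[i] != "-")
                    text = (text == "" ? f[i] : text "; " f[i])
            printf "%s %s %s\n", kind, f[1], text
        }' "$1"
}

# Print the number of findings of one kind (warning or suggestion).
count_findings() {
    awk -v key="${1}[]=" 'index($0, key) == 1 { n++ } END { print n + 0 }' "$2"
}

# Constructed sample report (made-up test IDs), used when no report is readable.
write_sample_report() {
    cat > "$1" <<'EOF'
# constructed sample, not real Lynis output
lynis_version=1.3.0
warning[]=AUTH-0001|Example warning text|-|-|
suggestion[]=SSH-0002|Example suggestion text|-|-|
suggestion[]=KRNL-0003|Another example suggestion|-|-|
EOF
}

main() {
    report=${1:-$REPORT_DEFAULT}
    sample=""
    if [ ! -r "$report" ]; then
        sample=$(mktemp) && write_sample_report "$sample" && report=$sample
    fi
    list_findings "$report"
    echo "warnings: $(count_findings warning "$report")"
    echo "suggestions: $(count_findings suggestion "$report")"
    if [ -n "$sample" ]; then rm -f "$sample"; fi
}
main "$@"
```

Run it as root if the report file is readable only by root, and pass a different report path as the first argument if your installation writes it elsewhere.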


About the Author:

Andrea is a certified CISSP and OPST Security Expert with fourteen years' experience, encompassing SIEM, malware analysis, investigating security incidents, computer and network forensics, ISO 27001/NIST/COBIT audits and hardening of various devices. He also develops the FG-Scanner project.