Server Administration & Management

Lynis – Security & System auditing tool

Lynis is an auditing tool for Unix (specialists). It scans the system configuration and creates an overview of system information and security issues usable by professional auditors. This software aims in assisting automated auditing of Unix based systems and can be used in addition to other software, like security scanners, system benchmarking and fine tuning tools.

Examples of audit tests:
– Available authentication methods
– Expired SSL certificates
– Outdated software
– User accounts without password
– Incorrect file permissions
– Firewall auditing

Steps to run Lynis without installing & Download the source from here

# wget http://www.rootkit.nl/files/lynis-1.3.0.tar.gz
# mkdir /usr/local/lynis
# tar -xvf lynis-1.3.0.tar.gz
# cd lynis-1.3.0
# sh lynis -c

Without parameters, Lynis will give you a valid list of parameters and return back to the shell prompt. At least the ‘-c’ (–check-all) parameter is needed, to start the scan process.

January 27, 2013 Posted by | Security, Tips & Tricks, Unix/Linux | , , , | Leave a comment