Shulou(Shulou.com)06/01 Report--

Most people do not understand the knowledge points of this article "how to install and use Lynis under Linux", so the editor summarizes the following contents, detailed contents, clear steps, and certain reference value. I hope you can get something after reading this article. Let's take a look at this "how to install and use Lynis under Linux" article.

Lynis is an audit tool for Linux and Unix for system administrators. Lynis scans the configuration of the system and creates a professional audit that outlines the information and security issues used by the system.

Environment

Centos8

Lynis-3.0.0

Install Lynix

Lynis is a lightweight software that does not damage the system, nor does it affect any applications or services on Linux systems. First, we will create a directory for the installation of Lynis, enter that directory, and wget download the latest Lynis source code:

[root@localhost ~] # mkdir / usr/local/lynis [root@localhost ~] # cd / usr/local/lynis/ [root@localhost lynis] # wget https://downloads.cisofy.com/lynis/lynis-3.0.0.tar.gz

Unzip the package and enter the directory you unzipped

[root@localhost lynis] # tar xvf lynis-3.0.0.tar.gz [root@localhost lynis] # cd lynis

Run lynis to display help information. Users with administrator privileges can run the script, and all logs and output will be saved in the / var/log/lynis.log file:

[root@localhost lynis] #. / lynis starts auditing and looks for vulnerabilities

Perform a local security scan, so use the 'audit system' parameter to scan the entire system. Run the following command to start an audit of the entire system:

[root@localhost lynis] #. / lynis audit system or [root@localhost lynis] #. / lynis audit system-- wait

-- wait option: wait for the user to press enter to display the report in the next section.

Sometimes we don't want to scan or audit applications or services across the system, so we can audit custom applications by category. We can first list all the groups and then select the groups that need to be audited or scanned.

[root@localhost lynis] #. / lynis show groups

Now we will do a simple audit of "kernel" and "firewalls". We will use the following command.

[root@localhost lynis] # / lynis-- tests-from-group "kernel firewalls"

To see more lynis command options, refer to its man page:

[root@localhost lynis] # / lynis-- the above man is about "how to install and use Lynis under Linux". I believe you all have some understanding. I hope the content shared by the editor will be helpful to you. If you want to know more about it, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.