Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about the installation of lynis in the Linux system and what the basic usage is, many people may not know much about it. In order to make you understand better, the editor has summarized the following contents for you. I hope you can get something according to this article.

About Lynis: Lynis is a proven security tool for systems running Linux,macOS or Unix operating systems. It performs a comprehensive health scan of your system to support system hardening and compliance testing. The project is open source software with a GPL license and has been available since 2007.

Download and use Lynis in Linux system github address: https://github.com/CISOfy/lynis

$git clone https://github.com/CISOfy/lynis $cd lynis $. / lynis audit system # the objectives of the audit system audit can include:

System

Dockerfile

Some common options:

Parameter description-auditor auditor-checkall,-c starts reviewing the entire system-check-update checks if lynis needs to be upgraded-cronjob starts as a scheduled task (includes-c-Q)-help,-h displays help-manpage view man pages-nocolors does not use any color-pentest performs penetration test scan (unprivileged)-quick,-Q do not wait for user input except for errors-quiet displays warnings only (including-quick) But don't wait)-reverse-colors uses a different color scheme for light backgrounds-version,-V check versions such as a simple audit:

Lynis-c-- auditor "root" reports and records lynis audit results in three types: screen, record, and report. At the end of the second Lynis scan, a report is displayed and a large amount of information collected is stored in the log file, which is cleared by default at / var/log/lynis.log. The report file / var/log/lynis-repot.dat contains useful audit results.

Enhancement Index each lynis scan shows an enhancement index:

This figure is only an indicator of measures taken.

Custom test Test-IDs the system currently being tested may not need to test everything, we can specify parameters to test:

$lynis-tests partial list of "Test-IDs" Test-ID:

FILE-7502 (check all binary files in the system) BOOT-5121 (GRUB boot loader presence check). BOOT-5139 (LILO boot loader presence check) BOOT-5142 (check SPARC Improved boot loader (SILO)) BOOT-5155 (check YABOOT boot loader configuration file) BOOT-5159 (OpenBSD i386 boot loader presence check) BOOT-5165 (check FreeBSD boot services) BOOT-5177 (check Linux boot and running services) BOOT-5180 (check Linux boot services (Debian style)) BOOT-5184 (check boot file / script permissions) BOOT-5202 (check the positive of the system Normal runtime) KRNL-5677 (check CPU options and support) KRNL-5695 (determine Linux kernel version and version number) KRNL-5723 (determine whether the Linux kernel is a single kernel) KRNL-5726 (check Linux loaded kernel modules) KRNL-5728 (check Linux kernel configuration) KRNL-5745 (check FreeBSD loaded kernel modules) KRNL-5770 (check active kernel modules) KRNL-5788 (check the availability of new kernels) KRNL-5820 (check core dump configuration)

You can run multiple Test-IDs simultaneously:

$lynis-tests' Test1 Test2...' Run a specific category using the-test-category parameter to run the Test-ID contained within a specific category

$lynis-tests-category "firewalls kernel" commonly used commands $. / lynis-c-- auditor "Root" after reading the above, do you have any further understanding of the installation of lynis in the Linux system and the basic usage? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.