Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about Lynis, an automatic security audit tool for Linux servers. Many people may not know much about it. In order to make you understand better, the editor has summarized the following for you. I hope you can get something according to this article.

Lynis is a security audit tool for operating systems such as Unix/Linux, which can find malware and security vulnerabilities in Linux-based systems. Lynis is a free and open source server audit tool. Once the audit is completed, we can review the results, warnings, and recommendations, and then we can implement our security policy based on it. It will display a report that can be divided into several parts.

Usually we run a lot of things on Linux servers, such as web services, database services, e-mail services, FTP services, and so on. Lynis simplifies the work of administrators by automating security audits and penetration testing on all Linux machines.

Environment

Centos 8

Lynis-3.0.0

Install Lynix

Lynis is a lightweight software that does not damage the system, nor does it affect any applications or services on Linux systems. First, we will create a directory for the installation of Lynis, enter that directory, and wget download the latest Lynis source code:

[root@localhost ~] # mkdir / usr/local/lynis [root@localhost ~] # cd / usr/local/lynis/ [root@localhost lynis] # wget https://downloads.cisofy.com/lynis/lynis-3.0.0.tar.gz

Unzip the package and enter the directory you unzipped

[root@localhost lynis] # tar xvf lynis-3.0.0.tar.gz [root@localhost lynis] # cd lynis

Run lynis to display help information. Users with administrator privileges can run the script, and all logs and output will be saved in the / var/log/lynis.log file:

[root@localhost lynis] #. / lynis

Start the audit and look for vulnerabilities

Perform a local security scan, so use the 'audit system' parameter to scan the entire system. Run the following command to start an audit of the entire system:

[root@localhost lynis] #. / lynis audit system or [root@localhost lynis] #. / lynis audit system-- wait

-- wait option: wait for the user to press enter to display the report in the next section.

Sometimes we don't want to scan or audit applications or services across the system, so we can audit custom applications by category. We can first list all the groups and then select the groups that need to be audited or scanned.

[root@localhost lynis] #. / lynis show groups

Now we will do a simple audit of "kernel" and "firewalls". We will use the following command.

[root@localhost lynis] # / lynis-- tests-from-group "kernel firewalls"

To see more lynis command options, refer to its man page:

[root@localhost lynis] #. / lynis-man

Summary

Lynis is a security audit tool for operating systems such as Unix/Linux, which can find malware and security vulnerabilities in Linux-based systems.

After reading the above, do you have any further understanding of Lynis, an automated security audit tool for Linux servers? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.