You are reading the article How To Audit Your Linux Security With Lynis updated in September 2023 on the website Uyenanhthammy.com. We hope that the information we have shared is helpful to you. If you find the content interesting and meaningful, please share it with your friends and continue to follow and support us for the latest updates. Suggested October 2023 How To Audit Your Linux Security With Lynis
For most home-based situations, you won’t have to bother with the security of your Linux machine. It is pretty secure by default. However, if you are using your computer as a server, either SSH server or Web server, or you are the system administrator for your company, then you will have to step up on the Linux security.
Lynis is an auditing tool which tests and gathers (security) information from Unix-based systems. The good thing is that it is easy to use, and you can get a security report on your Linux Security in as fast as five minutes. If you are a security and system auditor, network specialist or system maintainer, this is a tool you will want to have in your arsenal.
In Ubuntu, you can easily install Lynis via the Ubuntu Software Center or from the following link. If you are managing a remote system, you can install with the command line:
sudo
apt-get install
lynisFor other distros, you can check out the Lynis homepage where there are links to non-official RPMs and Debian packages for various distros.
UsageThe usage of Lynis is very simple. In the terminal, you just have to type the command:
sudo
lynis-c
and it will check the system for security issues. The things it checks will include:
System tools
Boot loaders, startup services
Kernel: run level, loaded modules, kernel configuration, core dumps
Memory and processes: zombie processes, IO waiting processes
Users, groups and authentication: group IDs, sudoers, PAM configuration, password aging, default mask
File systems: mount points, /tmp files, root file system
Storage: usb-storage, firewire ohci
NFS Software: name services: DNS search domain, BIND
Ports and packages: vulnerable/upgradable packages, security repository
Software: firewalls: iptables, pf
Software: webserver: Apache, nginx
SSH support: SSH configuration
SNMP support Databases: MySQL root password LDAP services
Software: php: php options
Scheduled tasks: crontab/cronjob, atd
Time and synchronization: ntp daemon
Cryptography: SSL certificate expiration
Security frameworks: AppArmor, SELinux, grsecurity status
Software: file integrity
Software: malware scanners
Home directories: shell history files
and more
Once it has finished scanning, it will generate a report and save it to chúng tôi Open it up in your terminal:
sudo
nano
/
var/
log/
lynis.logYou can scroll down the list to read all the tests that Lynis has performed. Alternatively, you can just search (using the shortcut key Ctrl + w) for “Warning” to find the entries that need your attention.
Better still, you can use the following command to list all the “Warnings” in the report:
or
sudo
grep
Suggestion/
var/
log/
lynis.logto get a list of “Suggestions” provided by Lynis.
That’s it.
Even if you are an experienced Linux administrator, there are bound to be certain security loopholes that you have missed in your Linux security. With Lynis, you will be able to audit your system and make sure the all security features are enforced.
Image credit: Up, Tight
Damien
Damien Oh started writing tech articles since 2007 and has over 10 years of experience in the tech industry. He is proficient in Windows, Linux, Mac, Android and iOS, and worked as a part time WordPress Developer. He is currently the owner and Editor-in-Chief of Make Tech Easier.
Subscribe to our newsletter!
Our latest tutorials delivered straight to your inbox
Sign up for all newsletters.
By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy. We will not share your data and you can unsubscribe at any time.
You're reading How To Audit Your Linux Security With Lynis
Update the detailed information about How To Audit Your Linux Security With Lynis on the Uyenanhthammy.com website. We hope the article's content will meet your needs, and we will regularly update the information to provide you with the fastest and most accurate information. Have a great day!