How are auditd and Lynis different?

Differences between auditd and Lynis Recently I received the question what the difference is between auditd and Lynis. Both focus on auditing, that part is clear. For someone not familiar with both software tools, the technical differences may not directly be obvious. Time to write about that, for everyone that has the same question. Comparing functionality Let’s start with a quick introduction in both tools. Audit daemon Auditd is the daemon process in the Linux Audit Framework, written and maintained by […]

Read more

Migration tips for Lynis to version 2.3.1 and beyond

Lynis migration tips Usually a lot of work is put into new releases. So it is a shame if most users don’t use the latest version, right? Surprisingly, that still happens a lot. In the recent past, users of Lynis had to rely on external package maintainers, custom package building, or manually downloading the latest release. Debian and RPM packages If you are running a system that uses the DEB or RPM format, you might want to use our new […]

Read more

Three big changes and reasoning behind Lynis 2.3.0

Lynis 2.3.0 Last two releases we invested a lot of work in rebuilding our auditing tool Lynis. The original code is from 2007, and we have plans to add a lot of new tests. Before doing so, we decided to give Lynis a good spring cleanup and enhance its core. This way it will properly deal with the upcoming weight of the new tests. These major changes also mean a slightly different approach in some areas. So here is the […]

Read more

The Non-Technical Changelog: Insights of 6 Months Development

The Non-Technical Changelog Lessons learned between our last and current release The Lynis project team is proud to announce a new release of our security auditing tool. With months of work and a variety of changes, we bumped up the version to a “zero release” (2.2.0). The technical changelog is included in the download. We consider it to be a stable release, yet ask all to test it first. Being the original author of Lynis, there is an additional background […]

Read more

Viewing available test categories in Lynis

Test categories in Lynis When auditing a server, it may be useful to only run a particular category of tests, like firewall related tests. In that case the –tests-category parameter can be used, together with the category name. Available categories To determine what categories are available, Lynis has a built-in parameter –view-categories which lists all available files. Most of the names are self-explanatory on what of tests they include. For more information about the included tests, have a look in […]

Read more

What’s New in Lynis 2: Features

Lynis 2.x Features Lynis 2.x will bring security auditing of Linux and Unix systems to a new level. In this blog post we share some exciting new features. Release of Lynis 2 is planned for February 2015. Overview: History Lynis 2.x Plugins Systemd Support File Integrity Monitoring Containers & Virtualization Operating Systems Focus on Simplicity Free and Commercial Support   History Lynis has been created in 2007, as a follow-up on the well-known tool Rootkit Hunter (rkhunter). Both tools are […]

Read more

Product comparison: Lynis VS Nessus

Lynis VS Nessus Comparison of both products Professionals ask us often how Lynis is different than Tenable Nessus. As the original author of Lynis, let me address that very interesting question.   Different goal Nessus is focused on vulnerability scanning, or in other words, finding weaknesses in you environment. The huge amount of plugins and their actions show that this is the primary focus. Along the way it started to implement others services, like compliance checking. Lynis also detects vulnerabilities, […]

Read more

Alternatives to Bastille Linux: system hardening with Lynis

System hardening with Lynis Many people used Bastille Linux to harden their Linux systems. Unfortunately the website of Bastille seems very outdated, including the tool. This resulted in people searching for a great alternative to replace this tool. We found the alternative by actually combining different solutions, being more powerful. Security automation is hot, so forget Bastille and do it the right way. Automatic hardening makes sense Most system administrators can’t keep up with the new technologies and security threats. […]

Read more
1234