How to: Using Lynis plugins

Within this “how to” we explain when and how to use Lynis plugins. What are plugins? Plugins are small extensions to an existing program. Also Lynis supports the use of external plugins to extend functionality. Lynis plugins are written in shell script and might use system binaries or external binaries to perform additional checks. The big difference between custom tests and plugins in Lynis, are the goal of the tests. If some logic function checks a value and can inform […]

Read more

Linux server security: Three steps to secure each system

Linux server security: Three steps to secure each system Determining the level of Linux server security can only by measuring the actual implemented security safeguards. This process is called auditing and focuses on comparing common security measures with the ones implemented. While there is almost no system with all possible safeguards implemented, we still can determine how well (or badly) the system is protected. Security is about finding the weakest link(s) and associate risk with each weakness. Depending on the […]

Read more

Lynis for Auditors: Linux and Unix auditing

Lynis for Auditors: Linux and Unix auditing Auditing on Linux Although Unix and Linux based systems are not new, getting an extensive knowledge of the operating system takes years of practice. Even then, with all changes it might be hard to keep up, especially when being an auditor. Examples of these are the differences between package managers, the way services are started and where binaries or configuration files are located. But no worries, there is help! Why Lynis? The goal […]

Read more

Difference between Lynis and Lynis Enterprise

Difference between Lynis and Lynis Enterprise People wonder about the main differences between Lynis and the Lynis Enterprise version. In this article we have a look on what both products are and how you can choose between the two. Lynis Lynis is a security auditing tool for Linux and Unix based systems. With its GPLv3 license it’s open source and freely available. The tool was first released in 2007 and has undergone a lot of development during the years. Lynis is […]

Read more

Open source vulnerability scanner for Linux systems – Lynis

Open source vulnerability scanner for Linux There are several open source vulnerability scanners for Linux, like OpenVAS. While tools like these are powerful as well, we will have a look at Lynis, our auditing tool to detect vulnerabilities of Linux and Unix systems. Why is it different than others and how can it help you in securing your systems? Vulnerabilities Every piece of software will have sooner or later a vulnerability, a minor or major weakness which can be abused […]

Read more

FreeBSD hardening with Lynis

FreeBSD hardening with Lynis Lynis development has its roots on a FreeBSD system, therefore FreeBSD hardening is also easy and supported when using Lynis. People who want to audit and harden their FreeBSD system will discover Lynis to be a powerful tool for this purpose. In this article we will focus on how to audit your system with Lynis. Lynis Lynis is an open source audit tool. It only requires root access and a normal shell and the tool is […]

Read more

How to update Lynis

How to update Lynis With every software tool receiving improvements and bug fixes, it’s important to update Lynis as well. In this article we have a look at how to easily upgrade Lynis. Options Two common options to keep software up-to-date is by using a package, or the usage of a custom archive. Installing Lynis is optional, running it from remote (or local) storage is a valid option. Lynis Packages On the CISOfy software repository you can find a Lynis […]

Read more

CAATTs for Linux: Lynis

CAATTs for Linux Within the field of the audit profession the usage of CAAT (Computer-assisted audit techniques) or CAATTs (computer-assisted audit tools and techniques) is growing. Lynis is filling this gap for Linux and Unix based systems. It’s a well-known and stable tool in this area and improves the audit process by automation. Only a few items could then be checked manually. This saves time, makes the audit more predictable and increases the quality of the overall audit. Lynis Based […]

Read more

How to use Lynis

How to use Lynis This article explains in a few quick steps how to start with using Lynis. A more extensive explanation can be found in the documentation of Lynis. Download Lynis: wget http://cisofy.com/files/lynis-version.tar.gz Unpack tarball: tar xfvz lynis-version.tar.gz This will unpack the tarball with a Lynis directory. Go into this directory: cd lynis-version When running Lynis for the very first time, just just the -c parameter. It will start the audit process and pauses after every batch of tests. […]

Read more

Lynis Hardening Index

At the end of each Lynis scan, the report will be displayed. This report will include the findings (warnings and suggestions) and general information like the number of security tests performed. Additionally, the location of the log file and report data will be displayed. Between all this information there is a “Lynis hardening index” displayed. This index is unique to Lynis. The index gives the auditor an impression on how well a system is hardened. This number, however, is just […]

Read more

Securing Linux: Audit with Lynis (an introduction into auditing)

Introduction Securing a Linux system can take a lot of time. For this purpose we have written Lynis, a quick and small audit tool. It’s an open source tool and freely available. You just need root permissions and a common shell and you’re ready to do your first audit. The main audience for this tool is auditors, security professionals, penetrating testers and system administrators. First audit Most Linux distributions already have Lynis in their software repository. If not, then download Lynis […]

Read more

Lynis stuck during testing

Introduction Normal Lynis scans take a few minutes to complete, therefore any test taking more than 1 minute, might be stuck during its test. Within this article we have a look at a few things you can do. Stuck When a particular test is taking a long time, the test might be stuck. However, that’s not always the case. To determine what Lynis is doing, open up a second terminal and start with running ps aux to see what processes […]

Read more
12