How to keep Lynis up-to-date?

How to keep Lynis up-to-date?

Keeping software like Lynis up-to-date is nowadays very important. More and more vendors implement software development methodologies like agile and scrum, to decrease the time between new software versions. This way software enhancements are easier to implement and possible bugs earlier fixed. It’s up to the user of the software to stay up-to-date and therefore we provide some tips on how to update Lynis easily.

Notifications

Staying up-to-date begins with receiving an update when a new release is available. For Lynis there are several possibilities, so everyone can use it’s preferred method.

Project page

Via Freecode people can subscribe to their favorite open source tools. Lynis has it’s own project page as well. If you have a Freecode account, subscribe to the project.

RSS feed: http://freecode.com/projects/lynis/releases.atom

Social media

The company account is @cisofy_is. Founder Michael Boelen can be followed via @mboelen. New releases will generally be announced via both accounts.

Founder Michael can also be reached or followed via his Google+ profile.

Lynis

Another way to determine if there is an update, is using Lynis itself and use the –check-update parameter. It will display “Up-to-date” if Lynis is running the latest version.

root@host:/root# ./lynis –check-update

== Lynis ==

Version         :   1.4.8 [ Up-to-date ]
Release date    :   27 March 2014
Update location :   http://cisofy.com

Copyright 2007-2014 – Michael Boelen, http://cisofy.com

Download

New releases of Lynis and plugins can be downloaded via the CISOfy website. Before running new software versions, you are advised to check the related SHA1 checksum first. This hash is published on the download page, together with the link to the Lynis version itself.

Packages

When using a Lynis package, it usually takes time before the latest version is available. Depending on the platform you are using, a request for an update can be requested (if it’s really outdated). For example when using FreeBSD, a PR could be created to update the ports tree entry for Lynis.

When using custom build packages, updating might be as simple as altering the version number and rebuilding the package.

Lynis Enterprise

Lynis Enterprise screenshot to help with system hardening

This blog post is part of our Linux security series and the mission to get Linux and Unix-based systems more secure.

Does system hardening take a lot of time, or do you have any compliance in your company? Have a look at Lynis Enterprise.

Or start today with the open source security scanner Lynis (GitHub)