How are auditd and Lynis different?

Differences between auditd and Lynis Recently I received the question what the difference is between auditd and Lynis. Both focus on auditing, that part is clear. For someone not familiar with both software tools, the technical differences may not directly be obvious. Time to write about that, for everyone that has the same question. Comparing functionality Let’s start with a quick introduction in both tools. Audit daemon Auditd is the daemon process in the Linux Audit Framework, written and maintained by […]

Read more

Tools compared: rkhunter VS Lynis

Rootkit Hunter and Lynis compared The question about what the differences are between rkhunter and Lynis is showing up more and more. Time to share the purpose of both and show the difference in its usage. As the author of both tools, I should have done this nine years ago. So with some little delay, here it is. Rootkit Hunter Written in 2003, rkhunter had the goal to detect malware on Linux and UNIX-based systems. The main target was rootkits, with […]

Read more

Migration tips for Lynis to version 2.3.1 and beyond

Lynis migration tips Usually a lot of work is put into new releases. So it is a shame if most users don’t use the latest version, right? Surprisingly, that still happens a lot. In the recent past, users of Lynis had to rely on external package maintainers, custom package building, or manually downloading the latest release. Debian and RPM packages If you are running a system that uses the DEB or RPM format, you might want to use our new […]

Read more

Three big changes and reasoning behind Lynis 2.3.0

Lynis 2.3.0 Last two releases we invested a lot of work in rebuilding our auditing tool Lynis. The original code is from 2007, and we have plans to add a lot of new tests. Before doing so, we decided to give Lynis a good spring cleanup and enhance its core. This way it will properly deal with the upcoming weight of the new tests. These major changes also mean a slightly different approach in some areas. So here is the […]

Read more

Why Auditing and Vulnerability Scanning are Different Things

Why Auditing and Vulnerability Scanning are Different Things As the author of Lynis, we hear often the question: It is like Nessus, right? It seems that everything is compared with Nessus, especially when it comes to Linux security. Surprise, it is not. Let’s get things straight, and talk about the benefits of both. Vulnerability Scanning Scanners like Nessus and OpenVAS are great tools. You drop a system in the network and start scanning. The scanner then usually starts with a ping […]

Read more

The Non-Technical Changelog: Insights of 6 Months Development

The Non-Technical Changelog Lessons learned between our last and current release The Lynis project team is proud to announce a new release of our security auditing tool. With months of work and a variety of changes, we bumped up the version to a “zero release” (2.2.0). The technical changelog is included in the download. We consider it to be a stable release, yet ask all to test it first. Being the original author of Lynis, there is an additional background […]

Read more

Tiger is History, Long Live Modern Alternatives!

The History and Alternatives to the Tiger Security Tool Recently I saw some tweets showing up from an old friend: Tiger. Surprised to see it being promoted, as I know the tool for years, but never seen any new releases in the last years. Both are actually a shame. An outdated tool is usually of lower value. Promoting old tools might actually disappoint others and harm the initial trust in the software. History of Tiger In its day, the tool […]

Read more

Find Differences Between Two Daily Lynis Audits

Comparing Lynis Scan Results Lately I saw a great feature request for Lynis, to detect differences between two runs of Lynis. Wouldn’t it be great to run Lynis daily and then see if anything changes and act upon those differences? While our auditing tool doesn’t have such an option itself, it is very easy to implement something and fine-tune it to your needs. Report Lynis has two important files to which is logs data: /var/log/lynis.log /var/log/lynis-report.dat The first file /var/log/lynis.log has […]

Read more
1234