5 things you didn’t know about shell scripting

5 things you didn’t know about shell scripting Our security auditing tool Lynis is a toolkit consisting of several shell scripts. Many users of the software actually never realized it was written as a bunch of shells scripts.. The secret is out.. But why shell scripting? Here are 5 reasons! 1. Shell scripting is powerful Yes, people asked us why our tool Lynis was not written in Perl, Python, Ruby, C++ etc.. But honestly, why would we? It is portable, […]

Read more

How to deal with Lynis suggestions?

How to deal with Lynis suggestions? After finishing an audit with Lynis, the screen is usually filled with a lot of suggestions. Most users don’t know where to start with hardening and how to deal with these Lynis suggestions in particular. We provide you some tips! Before we start, we strongly suggest to use the latest version of Lynis. If you are using an outdated version from the software repositories, the output could be slightly different. The latest version can […]

Read more

Lynis Security Notice: 1.5.4 and older

Lynis Security Notice: 1.5.4 and older This week a vulnerability was reported in versions up to Lynis 1.5.4. With Lynis being a security audit tool and focused on hardening Linux and Unix based systems, we regret any (security) bug being discovered. Since it is open source software, we like to be open about the issue, to help you understanding it and take the right precautions. Description: The temporary files created in the tests_webservers section are too predictable. This may resulting […]

Read more

How to keep Lynis up-to-date?

How to keep Lynis up-to-date? Keeping software like Lynis up-to-date is nowadays very important. More and more vendors implement software development methodologies like agile and scrum, to decrease the time between new software versions. This way software enhancements are easier to implement and possible bugs earlier fixed. It’s up to the user of the software to stay up-to-date and therefore we provide some tips on how to update Lynis easily. Notifications Staying up-to-date begins with receiving an update when a […]

Read more

Unix security audit: Perform an audit in 3 minutes

Unix security audit: Perform an audit in 3 minutes Want to know the vulnerabilities of a Unix/Linux system is in just 3 minutes? How? Perform a scan with Lynis, the open source Unix security audit tool! Lynis Lynis is open source software (GPLv3), released in 2007 and a popular choice by many security professionals and system administrators. Hundreds of downloads in the first week of each release and with a lot of community feedback, Lynis is the right tool for […]

Read more

How to: Using Lynis plugins

How to: Using Lynis plugins Within this “how to” we explain when and how to use Lynis plugins. What are plugins? Plugins are small extensions to an existing program. Also Lynis supports the use of external plugins to extend functionality. Lynis plugins are written in shell script and might use system binaries or external binaries to perform additional checks. The big difference between custom tests and plugins in Lynis, are the goal of the tests. If some logic function checks […]

Read more

Linux kernel security and how to improve it

Linux kernel security Every system is as strong as its weakest link. In the case of an operating system a weakness in the kernel often means a total compromise. Therefore we focus in this article on Linux kernel security, what we can do and where to look for. Configuration of the kernel To view or configure security related parameters of the kernel, there is the /etc/sysctl.conf file. This file stores the parameters and is read during boot time. However we […]

Read more

Lynis for Auditors: Linux and Unix auditing

Lynis for Auditors: Linux and Unix auditing Auditing on Linux Although Unix and Linux based systems are not new, getting an extensive knowledge of the operating system takes years of practice. Even then, with all changes it might be hard to keep up, especially when being an auditor. Examples of these are the differences between package managers, the way services are started and where binaries or configuration files are located. But no worries, there is help! Why Lynis? The goal […]

Read more
1234