Arch Linux

Vulnerabilities happen and are usually fairly quickly fixed. This is also true for Arch Linux. This rolling distribution can be considered to be always up-to-date, as it uses the latest versions of software packages from the upstream. When there is an update, it doesn’t take long that it becomes available and can be installed with package manager pacman. One problem that remained was the inability to quickly test if you have any vulnerable packages.

Lynis 2.x will bring security auditing of Linux and Unix systems to a new level. In this blog post we share some exciting new features. Release of Lynis 2 is planned for February 2015. Overview: History Lynis 2.x Plugins Systemd Support File Integrity Monitoring Containers & Virtualization Operating Systems Focus on Simplicity Free and Commercial Support History Lynis has been created in 2007, as a follow-up on the well-known tool Rootkit Hunter (rkhunter).

By default Arch will install the kernel in /boot with the name vmlinuz-linux. To determine if the system is running the latest kernel, we can compare the running kernel and the one on disk. Running kernel One way to determine the running kernel is with the uname command. By default installed and with the -r parameter it will provide the kernel release version. # uname -r 3.17.4-1-ARCH Kernel on disk Checking the latest kernel on disk is almost as easy.

Tutorial for Lynis installation on Arch Linux Pacman Arch Linux is getting more popular due to its great community support and the way it is organized. Being a “rolling release” system, it is continuously up-to-date. Still, you want to make sure your security defenses are equally up-to-date, so that’s where Lynis comes in. Normally pacman is used for installing new packages. Unfortunately, the lynis package does not show up. # pacman -Ss lynis # pacman -Ss rkhunter community/rkhunter 1.