Unix security audit: Perform an audit in 3 minutes

Want to know the vulnerabilities of a Unix/Linux system in just 3 minutes? How? Perform a scan with Lynis, the open source Unix security audit tool!

Lynis

Lynis is open source software (GPLv3), released in 2007, and a popular choice among security professionals and system administrators. With hundreds of downloads in the first week of each release and a lot of community feedback, Lynis is the right tool for the job.

Quick start: installation

Install Lynis via apt-get install lynis or yum install lynis. If you want to use the very latest version, go to the CISOfy website, click on products and select Lynis. Download the file (e.g. with wget) and extract the tarball.

Quick start: running

Time to run Lynis! As we want to stay under 3 minutes, let's run Lynis with the parameters -c and -Q.

lynis -c -Q

Screenshot of a Unix security audit performed with Lynis.

This will use the default scan profile and perform all tests without any pauses. The screen will display the output results directly. After all tests are done, a quick overview will be given with the findings (warnings or suggestions).

Additionally, a hardening index will be displayed, giving a first impression of how well the system is hardened. If the bar is colored red, the system really requires some attention. For yellow and green bars, it is advised to follow up on the displayed findings and determine the related risks.

Follow-up

After the first scan is done, the next step is to review the results in depth. Of course, this process will take more time. A proper way to determine what has been scanned and discovered is to check the log file. By default, the file /var/log/lynis.log is used.

less /var/log/lynis.log

Now scroll through the file and check the results of each particular test.
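
As an added example (not part of the original post or of Lynis itself), the script below lists the warnings and suggestions recorded in the log instead of scrolling for them. It assumes finding lines contain "Warning: " or "Suggestion: " and an optional [test:ID] tag; the sample log and its DEMO-* test IDs are constructed.

```sh
#!/bin/sh
# Added example: list the findings recorded in a Lynis log file.
# Assumption: finding lines contain "Warning: " or "Suggestion: " and may carry
# a "[test:ID]" tag. Check this against the log your Lynis version writes.

# Print one finding per line as KIND<TAB>TEST-ID<TAB>message, warnings first.
lynis_findings() {
    awk '
    {
        kind = ""
        if ((p = index($0, "Warning: ")) > 0)         { kind = "WARNING";    n = 9 }
        else if ((p = index($0, "Suggestion: ")) > 0) { kind = "SUGGESTION"; n = 12 }
        if (kind == "") next                # not a finding line
        msg = substr($0, p + n)
        id = "-"                            # no test tag on this line
        t = index(msg, "[test:")
        if (t > 0) {
            rest = substr(msg, t + 6)
            e = index(rest, "]")
            if (e > 0) id = substr(rest, 1, e - 1)
            msg = substr(msg, 1, t - 1)     # drop the tag and anything after it
        }
        sub(/[ \t]+$/, "", msg)
        printf "%s\t%s\t%s\n", kind, id, msg
    }' "$1" | LC_ALL=C sort -t "$(printf '\t')" -k1,1r -k2,2
}

# Count findings of one kind: lynis_count FILE WARNING|SUGGESTION
lynis_count() {
    lynis_findings "$1" | awk -F '\t' -v k="$2" '$1 == k { c++ } END { print c + 0 }'
}

# Constructed sample log (not real Lynis output; DEMO-* test IDs are placeholders).
make_sample_log() {
    cat <<'EOF'
[12:00:01] Performing test ID DEMO-0001 (constructed test)
[12:00:01] Suggestion: Install a password strength module [test:DEMO-0001]
[12:00:02] Warning: Root login over SSH is permitted [test:DEMO-0002] [impact:M]
[12:00:03] Result: firewall is active
[12:00:04] Suggestion: Restrict access to compilers [test:DEMO-0003]
EOF
}

# Use the log given as the first argument, or fall back to the sample.
log=${1:-}
if [ -z "$log" ]; then log=$(mktemp); make_sample_log > "$log"; fi
lynis_findings "$log"
echo "warnings: $(lynis_count "$log" WARNING), suggestions: $(lynis_count "$log" SUGGESTION)"
```

Pass /var/log/lynis.log as the first argument to run it against a real scan; the account running it needs read access to that file.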

Three minutes

See? Running a Unix security audit doesn’t have to take that long. Good luck with hardening!

Don’t know where to start with hardening, or how? See our Lynis Enterprise Suite offering; it will help you by showing an implementation plan with priorities. For enterprise users we also have hardening snippets available, for easier implementation.

This blog post is part of our Linux security series and the mission to get Linux and Unix-based systems more secure.

Does system hardening take a lot of time, or does your company have compliance requirements? Have a look at Lynis Enterprise.

Or start today with the open source security scanner Lynis (GitHub)