Unix security audit: Perform an audit in 3 minutes


Want to know the vulnerabilities of a Unix/Linux system in just 3 minutes? How? Perform a scan with Lynis, the open source Unix security audit tool!

Lynis

Lynis is open source software (GPLv3), released in 2007, and a popular choice among many security professionals and system administrators. With hundreds of downloads in the first week of each release and a lot of community feedback, Lynis is the right tool for the job.

Quick start: installation

Install Lynis via apt-get install lynis or yum install lynis. Or, if you want to use the very latest version, go to the CISOfy website, click on products and select Lynis. Download the file (e.g. with wget) and extract the tarball.

Quick start: running

Time to run Lynis! As we want to stay under 3 minutes, let’s run Lynis with the parameters -c and -Q.

lynis -c -Q


Screenshot of a Unix security audit performed with Lynis.

This will use the default scan profile and perform all tests without any pauses. The screen will display the output results directly. After all tests are done, a quick overview will be given with the findings (warnings or suggestions).

Additionally, a hardening index will be displayed, giving a first impression of how well the system is hardened. If the bar is colored red, then the system really requires some attention. For yellow and green colored bars it’s advised to follow up on the displayed findings and determine the related risks.

Follow-up

After the first scan is done, the next step is to review the results in depth. Of course this process will take more time. A good way to determine what has been scanned and discovered is to check the log file. By default the file /var/log/lynis.log is used.

less /var/log/lynis.log

Now scroll through the file and check the results of each particular test.
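As an added example (not from the original article or the Lynis project), these shell functions list the findings in the log instead of scrolling through it. The line format, with "Warning: " and "Suggestion: " markers and an optional [test:ID] tag, is an assumption to check against your Lynis version; the sample lines and DEMO test IDs are constructed.

```shell
#!/bin/sh
# Added example: list the findings recorded in a Lynis log.
# Assumption: each finding is a line containing "Warning: " or "Suggestion: ",
# optionally followed by a "[test:ID]" tag.

# Constructed sample log lines; the DEMO-xxxx test IDs are placeholders.
sample_log() {
    cat <<'EOF'
2014-03-10 10:15:01 Performing test ID DEMO-0001 (Default umask values)
2014-03-10 10:15:01 Suggestion: Default umask could be more strict [test:DEMO-0001]
2014-03-10 10:15:02 Performing test ID DEMO-0002 (Check for vulnerable packages)
2014-03-10 10:15:04 Warning: Found one or more vulnerable packages. [test:DEMO-0002]
2014-03-10 10:15:05 Result: no warning for this test
2014-03-10 10:15:06 Suggestion: Install a file integrity tool
EOF
}

# Print one line per finding: KIND <tab> TEST-ID <tab> message.
# Reads the file given as $1, or stdin when no file is given.
lynis_findings() {
    awk '
    {
        kind = ""
        p = index($0, "Warning: ")
        if (p > 0) { kind = "WARNING"; msg = substr($0, p + 9) }
        else {
            p = index($0, "Suggestion: ")
            if (p > 0) { kind = "SUGGESTION"; msg = substr($0, p + 12) }
        }
        if (kind == "") next            # progress or result line, not a finding

        id = "-"                        # finding without a [test:ID] tag
        if (match($0, /\[test:[A-Za-z0-9_-]+\]/))
            id = substr($0, RSTART + 6, RLENGTH - 7)
        sub(/ *\[test:.*$/, "", msg)    # drop the trailing tag from the message
        printf "%s\t%s\t%s\n", kind, id, msg
    }' "$@"
}

# Count findings of one kind (WARNING or SUGGESTION): lynis_count KIND [FILE]
lynis_count() {
    kind=$1; shift
    lynis_findings "$@" | awk -F '\t' -v k="$kind" '$1 == k { n++ } END { print n + 0 }'
}

# Demo on the constructed sample; on a real system: lynis_findings /var/log/lynis.log
sample_log | lynis_findings
```

Matching the exact "Warning: " marker rather than a case-insensitive search for "warning" keeps result lines such as "no warning for this test" out of the list.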

Three minutes

See? Running a Unix security audit doesn’t have to take that long. Good luck with hardening!

Don’t know where to start with hardening, or how? See our Lynis Enterprise Suite offering; it will help you by showing an implementation plan with priorities. For enterprise users we also have hardening snippets available, for easier implementation.

 
