Viewing available test categories in Lynis

Test categories in Lynis

When auditing a server, it may be useful to only run a particular category of tests, like firewall related tests. In that case the –tests-category parameter can be used, together with the category name.

Available categories

To determine what categories are available, Lynis has a built-in parameter –view-categories which lists all available files. Most of the names are self-explanatory on what of tests they include. For more information about the included tests, have a look in the ./include directory, where files are listed as tests_<category>.

Example

root@host:~# ./lynis --view-categories
[+] Available test categories
 ------------------------------------
 - accounting
 - authentication
 - banners
 - boot_services
 - crypto
 - databases
 - file_integrity
 - file_permissions
 - filesystems
 - firewalls
 - hardening
 - hardening_tools
 - homedirs
 - insecure_services
 - kernel
 - kernel_hardening
 - ldap
 - logging
 - mac_frameworks
 - mail_messaging
 - malware
 - memory_processes
 - nameservices
 - networking
 - php
 - ports_packages
 - printers_spools
 - scheduling
 - shells
 - snmp
 - solaris
 - squid
 - ssh
 - storage
 - storage_nfs
 - tcpwrappers
 - time
 - tooling
 - virtualization
 - webservers

After selecting which category you want to use, simply run Lynis with ./lynis -c –tests-category firewalls to run all firewall related tests.

One more thing...

Keep learning

So you are interested in Linux security? Join the Linux Security Expert training program, a practical and lab-based training ground. For those who want to become (or stay) a Linux security expert.

See training package




Lynis Enterprise screenshot to help with system hardeningSecurity scanning with Lynis and Lynis Enterprise

Run automated security scans and increase your defenses. Lynis is an open source security tool to perform in-depth audits. It helps with system hardening, vulnerability discovery, and compliance.


Download

Leave a Reply

Your email address will not be published. Required fields are marked *