Viewing available test categories in Lynis
Test categories in Lynis
When auditing a server, it may be useful to only run a particular category of tests, like firewall related tests. In that case the –tests-category parameter can be used, together with the category name.
Available categories
To determine what categories are available, Lynis has a built-in parameter –view-categories which lists all available files. Most of the names are self-explanatory on what of tests they include. For more information about the included tests, have a look in the ./include directory, where files are listed as tests_<category>.
Example
root@host:~# ./lynis --view-categories
[+] Available test categories ------------------------------------ - accounting - authentication - banners - boot_services - crypto - databases - file_integrity - file_permissions - filesystems - firewalls - hardening - hardening_tools - homedirs - insecure_services - kernel - kernel_hardening - ldap - logging - mac_frameworks - mail_messaging - malware - memory_processes - nameservices - networking - php - ports_packages - printers_spools - scheduling - shells - snmp - solaris - squid - ssh - storage - storage_nfs - tcpwrappers - time - tooling - virtualization - webservers
After selecting which category you want to use, simply run Lynis with ./lynis -c –tests-category firewalls to run all firewall related tests.