Lynis Security Auditing Software For Unix-Linux

LYNIS Security Auditing
LYNIS Security Auditing

Lynis 3.0.4 Released with new changes.

Lynis is a free and open source security and auditing software. It runs on Linux, macOS, and other Unix-based systems to performs an in-depth security scan.

The primary focus of Lynis is to perform a health check of systems. It helps also to detect security vulnerabilities and configuration management weaknesses, and discover configuration issues, including vulnerable packages, missing best practices, and weak defaults. With actionable plans and reports, it helps you to get back on track for your compliance needs, IT audits, or better security defenses.

Lynis performs an in-depth local scan on the system and is therefore much more thorough than network based vulnerability scanners.

Goals

The main goals are:

  • Automated security auditing
  • Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)
  • Vulnerability detection

The software (also) assists with:

  • Configuration and asset management
  • Software patch management
  • System hardening
  • Penetration testing (privilege escalation)
  • Intrusion detection

Audience

Typical users of the software:

  • System administrators
  • Auditors
  • Security officers
  • Penetration testers
  • Security professionals

Requirements

Shell and basic utilities

Permissions

Normal user or preferable root permissions

Linus Features

Supported platforms

Lynis supports Operating systems

  • AIX
  • FreeBSD
  • HP-UX
  • Linux
  • macOS
  • NetBSD
  • OpenBSD
  • Solaris
  • and others

Lynis Features

  • In-depth audits by host based scanning
  • Installation is optional
  • Even dependencies are optional
  • All Unix, Linux, BSD and macOS versions
  • Action plans, with priority based hardening strategies
  • Find undiscovered vulnerabilities
  • Compliance testing (PCI, HIPAA, SOx and others)
  • Intrusion detection and monitoring to detect intruders and monitor for configuration issues
  • Continuous auditing, discover changes
  • Layered dashboards (technical and managerial)
  • Reporting and data export
  • User management Different levels of user access
  • Open source software

What’s new in Lynis 3.0.4

  • This is a major release of Lynis and includes several big changes.

Breaking change: Non-interactive by default

Lynis now runs non-interactive by default, to be more in line with the Unix philosophy. So the previously used ‘–quick’ option is now default, and the Lynis will only wait when using the ‘–wait’ option.

Breaking change: Deprecated options

– Option: -c
– Option: –check-update/–info
– Option: –dump-options
– Option: –license-key

Breaking change: Profile options

The format of all profile options are converted (from key:value to key=value).
You may have to update the changes you made in your custom.prf.

Security

An important focus area for this release is on security, and added several measures to further tighten any possible misuse.

New:

  • DevOps, Cyber Forensics, and pentesting mode
  • This release adds initial support to allow defining a specialized type of audit.
  • Using the relevant options, the scan will change base on the intended goal.

Installation

Git

Clone or download the project files (no compilation nor installation is required) ;

git clone https://github.com/CISOfy/lynis

Execute:

cd lynis; ./lynis audit system

If you want to run the software as root, we suggest changing the ownership of the files. Use chown -R 0:0 to recursively alter the owner and group and set it to user ID 0 (root).

Software Package

For Linux, BSD, and macOS, there is typically a package available. The Lynis project also provides packages in RPM or DEB format. The CISOfy software repository can be used to install Lynis on systems running: CentOS, Debian, Fedora, OEL, openSUSE, RHEL, Ubuntu, and others.

Download Lynis

For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel

.
Total
30
Shares
Leave a Reply
Related Posts