Lynis is an auditing tool that tests Unix-based systems and gathers security information from them. It is easy to use, and you can get a security report on your Linux system in as little as five minutes. If you are a security and system auditor, network specialist or system maintainer, this is a tool you will want to have in your arsenal.

In Ubuntu, you can easily install Lynis via the Ubuntu Software Center or from the following link. If you are managing a remote system, you can install with the command line:

For other distros, you can check out the Lynis homepage, where there are links to non-official RPMs and Debian packages for various distros.

Usage

Using Lynis is very simple. In the terminal, you just have to type the command: and it will check the system for security issues. The things it checks include:

- System tools
- Boot loaders, startup services
- Kernel: run level, loaded modules, kernel configuration, core dumps
- Memory and processes: zombie processes, IO waiting processes
- Users, groups and authentication: group IDs, sudoers, PAM configuration, password aging, default mask
- File systems: mount points, /tmp files, root file system
- Storage: usb-storage, firewire ohci
- NFS
- Software: name services: DNS search domain, BIND
- Ports and packages: vulnerable/upgradable packages, security repository
- Software: firewalls: iptables, pf
- Software: webserver: Apache, nginx
- SSH support: SSH configuration
- SNMP support
- Databases: MySQL root password
- LDAP services
- Software: php: php options
- Scheduled tasks: crontab/cronjob, atd
- Time and synchronization: ntp daemon
- Cryptography: SSL certificate expiration
- Security frameworks: AppArmor, SELinux, grsecurity status
- Software: file integrity
- Software: malware scanners
- Home directories: shell history files
- and more

Once it has finished scanning, it will generate a report and save it to /var/log/lynis.log. Open it up in your terminal:

You can scroll down the list to read all the tests that Lynis has performed. Alternatively, you can just search (using the shortcut key Ctrl + w) for “Warning” to find the entries that need your attention.

Better still, you can use the following command to list all the “Warnings” in the report:

or to get a list of “Suggestions” provided by Lynis.
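The filtering described above can be scripted so that repeated findings are collapsed and a scheduled job can fail when warnings are present. This is an added example, not code from the original article; it assumes findings appear as lines containing "Warning:" or "Suggestion:", and the function names and sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarise the findings recorded in a Lynis log.
# Assumption: a finding is a line containing "Warning:" or "Suggestion:",
# optionally prefixed with a [timestamp], as in the constructed sample below.

# lynis_entries KIND [LOG]: print unique findings of KIND, timestamps removed.
lynis_entries() {
    kind=$1
    log=${2:-/var/log/lynis.log}
    [ -r "$log" ] || { echo "cannot read $log (try sudo)" >&2; return 2; }
    # grep exits 1 when nothing matches; a clean log is not an error.
    { grep -F "${kind}:" "$log" || true; } | sed 's/^\[[^]]*] *//' | sort -u
}

# lynis_count KIND [LOG]: number of unique findings of KIND.
lynis_count() {
    lynis_entries "$1" "$2" | grep -c . || true
}

# lynis_gate [LOG] [MAX]: succeed only if unique warnings <= MAX (cron/CI use).
lynis_gate() {
    # An unreadable log must not be mistaken for a clean one.
    [ -r "${1:-/var/log/lynis.log}" ] || return 2
    n=$(lynis_count Warning "$1")
    [ "$n" -le "${2:-0}" ]
}

# Constructed sample log lines (test IDs are placeholders, not real Lynis IDs).
write_sample_log() {
    cat > "$1" <<'EOF'
[10:15:01] Performing test ID EXAMPLE-0001 (Check for vulnerable packages)
[10:15:02] Warning: Found one or more vulnerable packages. [EXAMPLE-0001]
[10:15:03] Suggestion: Install pending security updates [EXAMPLE-0001]
[10:15:04] Result: SSH configuration file found
[10:15:05] Suggestion: Consider hardening the SSH configuration [EXAMPLE-0002]
[10:15:06] Warning: Found one or more vulnerable packages. [EXAMPLE-0001]
EOF
}

# Demo on the sample; on a real host pass /var/log/lynis.log instead.
sample=$(mktemp)
write_sample_log "$sample"
echo "Warnings: $(lynis_count Warning "$sample")"
lynis_entries Warning "$sample"
echo "Suggestions: $(lynis_count Suggestion "$sample")"
lynis_entries Suggestion "$sample"
lynis_gate "$sample" 0 || echo "gate: warnings present, review the log"
rm -f "$sample"
```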

That’s it. Even if you are an experienced Linux administrator, there are bound to be certain security loopholes that you have missed on your Linux system. With Lynis, you will be able to audit your system and make sure that all security features are enforced.