SYSTEM AUDITING WITH LYNIS OPEN SOURCE TOOL
- Layout for this exercise:
- Lynis is an open-source security auditing tool for UNIX derivatives such as Linux, macOS, BSD, Solaris, AIX, and others. It performs an in-depth security scan of the system.
- Creating a directory for lynis:
- Downloading lynis:
- Extracting:
- Contents of folder lynis:
- Running lynis without commands/parameters/options gives us information about the possibilities of this application:
- Commands to be used:
- Options:
- Now let's run lynis audit system. As its name indicates, Lynis audits the system in great depth, so the displayed output is huge.
- Let's see some of the information generated by Lynis:
......... etc .............
- Also some suggestions are provided:
......... etc .............
- A final summary:
- The whole report can be found in the files lynis.log and lynis-report.dat inside the folder /var/log:
- Opening lynis-report.dat:
- The suggestions section contains a lot of interesting information:
- For instance, it suggests setting the PermitRootLogin directive to no in order to disable SSH root login, as we saw in a previous exercise:
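The suggestions in lynis-report.dat can also be pulled out with a script and checked against the SSH configuration. The following is an added example, not part of the original exercise. It assumes suggestion records have the form `suggestion[]=TEST-ID|message|details|solution|`; the function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise suggestion[] records from a Lynis report and
# check the PermitRootLogin directive they refer to.
# Assumed record layout: suggestion[]=TEST-ID|message|details|solution|

# Print one line per suggestion: TEST-ID <TAB> message <TAB> details
lynis_suggestions() {   # $1 = report file (normally /var/log/lynis-report.dat)
    awk -F'|' 'index($0, "suggestion[]=") == 1 {
        sub(/^[^=]*=/, "", $1)          # strip the "suggestion[]=" key
        printf "%s\t%s\t%s\n", $1, $2, $3
    }' "$1"
}

# Count suggestions per test category (prefix of the test ID, e.g. SSH, AUTH)
lynis_suggestion_counts() {
    lynis_suggestions "$1" | awk -F'\t' '{ split($1, id, "-"); n[id[1]]++ }
        END { for (c in n) printf "%s %d\n", c, n[c] }' | sort
}

# Exit 0 if any suggestion in the report mentions PermitRootLogin
lynis_flags_root_login() {
    lynis_suggestions "$1" | grep -q 'PermitRootLogin'
}

# Print the PermitRootLogin value from an sshd_config file. sshd uses the
# first occurrence of a keyword and keywords are case-insensitive.
# Include files and Match blocks are not evaluated here.
sshd_permit_root_login() {   # $1 = sshd_config path
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1"
}

# Constructed sample report (not output from a real scan)
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# Lynis Report
warning[]=PKGS-7392|Found one or more vulnerable packages.|-|-|
suggestion[]=AUTH-9286|Configure minimum password age in /etc/login.defs|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (YES --> NO)|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|X11Forwarding (YES --> NO)|-|
EOF

# Constructed sshd_config after remediation; the commented line is ignored
CONF=$(mktemp)
printf '%s\n' '#PermitRootLogin yes' 'PermitRootLogin no' > "$CONF"

lynis_suggestion_counts "$SAMPLE"
lynis_flags_root_login "$SAMPLE" && echo "Report flags PermitRootLogin"
echo "sshd_config PermitRootLogin: $(sshd_permit_root_login "$CONF")"
```

After changing sshd_config and restarting the SSH service, running the audit again should no longer list the PermitRootLogin detail under SSH-7408.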