{"id":13851,"date":"2019-04-06T11:40:36","date_gmt":"2019-04-06T11:40:36","guid":{"rendered":"http:\/\/www.appservgrid.com\/paw92\/?p=13851"},"modified":"2019-04-06T11:40:36","modified_gmt":"2019-04-06T11:40:36","slug":"lynis-2-5-5-released-security-auditing-and-scanning-tool-for-linux-systems","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/04\/06\/lynis-2-5-5-released-security-auditing-and-scanning-tool-for-linux-systems\/","title":{"rendered":"Lynis 2.5.5 Released \u2013 Security Auditing and Scanning Tool for Linux Systems"},"content":{"rendered":"

Lynis<\/strong>\u00a0is an open source and much powerful\u00a0auditing tool<\/strong>\u00a0for Unix\/Linux like operating systems. It scans system for security information, general system information, installed and available software information, configuration mistakes, security issues, user accounts without password, wrong file permissions, firewall auditing, etc.<\/p>\n

Lynis<\/strong>\u00a0is one of the most trusted automated auditing tool for software patch management,\u00a0malware scanning and vulnerability detecting<\/a>\u00a0in Unix\/Linux based systems. This tool is useful for\u00a0auditors<\/strong>,\u00a0network<\/strong>\u00a0and\u00a0system administrators<\/strong>,\u00a0security specialists<\/strong>\u00a0and\u00a0penetration testers<\/strong>.<\/p>\n

A new major upgrade version of\u00a0Lynis 2.5.5<\/strong>\u00a0is released just now, after months of development, which comes with some new features and tests, and many small improvements. I encourage all Linux users to test and upgrade to this most recent version of Lynis.<\/p>\n

In this article we are going to show you how to install\u00a0Lynis 2.5.5<\/strong>\u00a0(Linux Auditing Tool<\/strong>) in Linux systems using source tarball files.<\/p>\n

Please Read Also :<\/b><\/p>\n

    \n
  1. Install ConfigServer Security & Firewall (CSF)<\/a><\/li>\n
  2. Install Linux Rkhunter (Rootkit Hunter)<\/a><\/li>\n
  3. Install Linux Malware Detect (LMD)<\/a><\/li>\n<\/ol>\n

    Installation of Lynis<\/h3>\n

    Lynis<\/strong>\u00a0doesn\u2019t required any installation, it can be used directly from any directory. So, its good idea to create a custom directory for\u00a0Lynis<\/strong>\u00a0under\u00a0\/usr\/local\/lynis<\/code>.<\/p>\n

    # mkdir \/usr\/local\/lynis<\/pre>\n
    Download stable version of\u00a0Lynis<\/strong>\u00a0source files from the trusted website using\u00a0wget command<\/a>\u00a0and unpack it using\u00a0tar command<\/a>\u00a0as shown below.<\/p>\n
    # cd \/usr\/local\/lynis\r\n# wget https:\/\/cisofy.com\/files\/lynis-2.5.5.tar.gz\r\n<\/pre>\n
    \n
    \"Download<\/a><\/p>\n
    Download Lynis Linux Audit Tool<\/p>\n<\/div>\n
    Unpack the tarball<\/p>\n
    # tar -xvf lynis-2.5.5.tar.gz\r\n<\/pre>\n
    \n
    \"Unpack<\/a><\/p>\n
    Unpack Lynis Tool<\/p>\n<\/div>\n
    Running and Using Lynis Basics<\/h3>\n
    You must be\u00a0root<\/strong>\u00a0user to run\u00a0Lynis<\/strong>, because it creates and writes output to\u00a0\/var\/log\/lynis.log<\/code>\u00a0file. To run\u00a0Lynis<\/strong>\u00a0execute the following command.<\/p>\n
    # cd lynis\r\n# .\/lynis<\/pre>\n
    By running\u00a0.\/lynis<\/code>\u00a0without any option, it will provide you a complete list of available parameters and goes back to the shell prompt. See figure below.<\/p>\n
    \n
    \"Lynis<\/a><\/p>\n
    Lynis Basic Options and Help<\/p>\n<\/div>\n
    To start\u00a0Lynis<\/strong>\u00a0process, you must define a\u00a0--check-all<\/code>\u00a0parameter to begin scanning of your entire\u00a0Linux<\/strong>system. Use the following command to start scan with parameters as shown below.<\/p>\n
    # .\/lynis --check-all<\/pre>\n
    Once, you execute above command it will start scanning your system and ask you to\u00a0Press [Enter] to continue, or [CTRL]+C to stop)<\/strong>\u00a0every process it scans and completes. See figure attached below.<\/p>\n
    \n
    \"Lynis:<\/a><\/p>\n
    Lynis: Scanning Entire Linux System<\/p>\n<\/div>\n
    \n
    \"Lynis<\/a><\/p>\n
    Lynis Security Scan Details<\/p>\n<\/div>\n
    To prevent such acknowledgment (i.e. \u201cpress enter to continue<\/strong>\u201d) from user while scanning, you need use\u00a0-c<\/code>and\u00a0-Q<\/code>\u00a0parameters as shown below.<\/p>\n
    # .\/lynis -c -Q<\/pre>\n
    It will do complete scan without waiting for any user acknowledgment. See the following screencast.<\/p>\n
    \n
    \"Lynis:<\/a><\/p>\n
    Lynis: Scanning Linux File System<\/p>\n<\/div>\n
    Creating Lynis Cronjobs<\/h3>\n
    If you would like to create a daily scan report of your system, then you need to set a cron job for it. Run the following command at the shell.<\/p>\n
    # crontab -e<\/pre>\n
    Add the following cron job with option\u00a0--cronjob<\/code>\u00a0all the special characters will be ignored from the output and the scan will run completely automated.<\/p>\n
    30\t22\t*\t*\t*\troot    \/path\/to\/lynis -c -Q --auditor \"automated\" --cronjob<\/pre>\n
    The above example cron job will run daily at\u00a010:30pm<\/strong>\u00a0in the night and creates a daily report under\u00a0\/var\/log\/lynis.log<\/code>\u00a0file.<\/p>\n
    Lynis Scanning Results<\/h3>\n
    While scanning you will see output as [OK<\/strong>] or [WARNING<\/strong>]. Where [OK<\/strong>] considered as good result and [WARNING<\/strong>] as bad. But it doesn\u2019t mean that [OK<\/strong>] result is correctly configured and [WARNING<\/strong>] doesn\u2019t have to be bad. You should take corrective steps to fix those issues after reading logs at\u00a0\/var\/log\/lynis.log<\/code>.<\/p>\n
    In most cases, the scan provides\u00a0suggestion to fix<\/strong>\u00a0problems at the end of the scan. See the attached figure that provides a list of suggestion to fix problems.<\/p>\n
    \n
    \"Lynis<\/a><\/p>\n
    Lynis Suggestions Tips<\/p>\n<\/div>\n
    Updating Lynis<\/h3>\n
    If you want to\u00a0update<\/strong>\u00a0or\u00a0upgrade<\/strong>\u00a0current lynis version, simple type the following command it will download and install latest version of lynis.<\/p>\n
    # .\/lynis update info         [Show update details]\r\n# .\/lynis update release      [Update Lynis release]\r\n<\/pre>\n
    See the attached output of the above command in the figure. It says our lynis version is\u00a0Up-to-date<\/strong>.<\/p>\n
    \n
    \"Update<\/a><\/p>\n
    Update Lynis Auditing Tool<\/p>\n<\/div>\n
    Lynis Parameters<\/h3>\n
    Some of the Lynis parameters for your reference.<\/p>\n
      \n
    1. --checkall or -c<\/code>\u00a0: Start the scan.<\/li>\n
    2. --check-update<\/code>\u00a0: Checks for Lynis update.<\/li>\n
    3. --cronjob<\/code>\u00a0: Runs Lynis as cronjob (includes -c -Q).<\/li>\n
    4. --help or -h<\/code>\u00a0: Shows valid parameters<\/li>\n
    5. --quick or -Q<\/code>\u00a0: Don\u2019t wait for user input, except on errors<\/li>\n
    6. --version or -V<\/code>\u00a0: Shows Lynis version.<\/li>\n<\/ol>\n
      That\u2019s it, we hope this article will be much helpful you all to figure out security issues in running systems. For more information visit the official Lynis page at\u00a0https:\/\/cisofy.com\/download\/lynis\/<\/a>.<\/p>\n
      Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
      Lynis\u00a0is an open source and much powerful\u00a0auditing tool\u00a0for Unix\/Linux like operating systems. It scans system for security information, general system information, installed and available software information, configuration mistakes, security issues, user accounts without password, wrong file permissions, firewall auditing, etc. Lynis\u00a0is one of the most trusted automated auditing tool for software patch management,\u00a0malware scanning and … <\/p>\n
      Continue reading “Lynis 2.5.5 Released \u2013 Security Auditing and Scanning Tool for Linux Systems”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-13851","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13851","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=13851"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13851\/revisions"}],"predecessor-version":[{"id":13852,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13851\/revisions\/13852"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=13851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=13851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=13851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}