How to Audit Linux System Security with Lynis

Today we focusing How to Audit Linux System Security with Lynis.
How to Audit Linux System Security with Lynis

In this article we will talk how to Audit Linux system security with Linis. Whether you are a Linux administrator or user, a secure server or PC should be a top priority. Although Linux is a secure operating system, it is prone to attacks or security vulnerabilities just like any other operating system. Linis is an open source tool and is available for most Unix-based operating systems such as Linux, macOS, Solaris, FreeBSD, etc.

Linis is an open source security auditing tool for Unix derivatives such as Linux, Mac OS, PST, Unix-based operating systems and more. It performs comprehensive health scans of systems supporting system hardening and compliance testing. Open source software with GPL license. The tool also scans for general system information, vulnerable software packages, and configuration issues. It is useful for system administrators, auditors and security professionals. Below are the steps to audit Linux system security with Linis.

How to Audit Linux system security with Linis

Installing Linis

  • To install Linis on Ubuntu, run the following command:
    • sudo apt-get install lynis
  • In Fedora, type:
  • In Manjaro, you use Pacman to:

Conducting an audit

  • Linis is terminal based, so no GUI. To start the audit, open a Terminal window. Click and drag it to the edge of your monitor to take it to full height or stretch it as high as you want. There is a lot of output from Linis, so if the terminal window is tall, it will be easier to review.
  • It is especially convenient for Lynis to open a Terminal window. You’ll be scrolling up And a lot below, so there’s no need to deal with the clutter of previous commands, Lynis will simplify output.
  • To start auditing, type this refreshingly straightforward command:
  • Type names, test titles, and results will scroll through the terminal window as each type of test completes. The audit takes only a few minutes at most. When it’s done, you’ll be back at the command prompt. Scroll the terminal window to review the findings.
  • The first part of the audit detects the version of Linux, kernel release and other system details.
  • Areas to watch are highlighted in amber (recommendations) and red (cautions to note).
  • Linis analyzed the Postfix mail server configuration and flagged something to do with the banner. You can get more details on what exactly it finds and why it might be a problem.
  • Linis warns that the Ubuntu virtual machine we are using does not have a firewall configured.
  • Scroll through your results to see what Linis flagged. At the bottom of the audit report, you will see a summary screen.
  • “Hardening Index” is your test score. We scored 56 out of 100, which is not great. 222 tests were performed and a Linis plugin was run. If you visit the Linis Community Edition plugin download page and subscribe to the newsletter, you will receive links to additional plugins.
  • There are many plugins available, including some for auditing against standards such as GDPR, ISO27001 and PCI-DSS.
  • A green V represents a check mark. You’ll see amber question marks and a red X.
  • Green check marks because we have a firewall and malware scanner. For testing purposes, we installed rkhunter, a rootkit detector, to see if Linis would detect it. As you can see above, it did; We got a green check mark next to “Malware Scanner”.
  • Compliance status is unknown as audit does not use compliance plugin. This test used protection and vulnerability modules.
  • Two files are created: a log and a data file. The data file we are interested in is located at “/var/log/lynis-report.dat”. This will contain a copy of the results we can see in the terminal window (without highlighting the color). These will come in handy to see how your hardening index is improving over time.
See also  How to Install Android 13 on Google Pixel and Android

Final words

We hope you like our article how to Audit Linux system security with Linis. Linis scanning is modular and opportunistic. It is used to test components such as available system tools and their libraries. The advantage of the Linis tool is that it does not require additional installations of tools, so the settings are clean.

Faq

About This Guide?


In this guide, we told you about the How to Audit Linux System Security with Lynis; please read all steps above so that you understand How to Audit Linux System Security with Lynis in case if you need any assistance from us, then contact us.

How this tutorial or guide assisting you?


So in this guide, we discuss the How to Audit Linux System Security with Lynis, which undoubtedly benefits you.



Share this article about How to Audit Linux System Security with Lynis

I hope you like the guide How to Audit Linux System Security with Lynis. In case if you have any queries regards this article/tutorial you may ask us. Also, share your love by sharing this article with your friends and family.
#Audit #Linux #System #Security #Lynis

Trickbugs: Get the latest Trick and Tips
Logo
Enable registration in settings - general