Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems

Thursday, September 19, 2019 Edit
Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems - Hi friends mederc, In the article that you read this time with the title Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems, We have prepared this article well for you to read and retrieve information from it. hopefully fill the posts Article Hardening, Article Linux, Article Lynis, Article Mac, Article Security, Article System Auditing Tool, Article System Auditor, Article System Hardening, Article System/Network Manager, Article Vulnerability Scanner, we write this you can understand. Alright, happy reading.

Title : Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems
link : Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems

ALSO READ


Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems


We are excited to denote this major unloosen of auditing tool Lynis. Several large changes convey been made to pith functions of Lynis. These changes are the side yesteryear side of simplification improvements nosotros made. There is a gamble of breaking your existing configuration.

Lynis is an opened upward origin safety auditing tool. Used yesteryear arrangement administrators, safety professionals, together with auditors, to evaluate the safety defenses of their Linux together with UNIX-based systems. It runs on the host itself, so it performs to a greater extent than extensive safety scans than vulnerability scanners.

Supported operating systems

The tool has almost no dependencies, thus it runs on almost all Unix-based systems together with versions, including:
  • AIX
  • FreeBSD
  • HP-UX
  • Linux
  • Mac OS
  • NetBSD
  • OpenBSD
  • Solaris
  • and others
It fifty-fifty runs on systems similar the Raspberry Pi together with several storage devices!

Installation optional

Lynis is light-weight together with slow to use. Installation is optional: only re-create it to a system, together with utilisation "./lynis audit system" to kickoff the safety scan. It is written inwards rhythm out script together with released equally opened upward origin software (GPL). 

How it works

Lynis performs hundreds of private tests, to hit upward one's hear the safety Earth of the system. The safety scan itself consists of performing a laid upward of steps, from initialization the program, upward to the report.

Steps
  1. Determine operating system
  2. Search for available tools together with utilities
  3. Check for Lynis update
  4. Run tests from enabled plugins
  5. Run safety tests per category
  6. Report condition of safety scan
Besides the information displayed on the screen, all technical details most the scan are stored inwards a log file. Any findings (warnings, suggestions, information collection) are stored inwards a study file.

Opportunistic Scanning

Lynis scanning is opportunistic: it uses what it tin find.
For example, if it sees yous are running Apache, it volition perform an initial circular of Apache related tests. When during the Apache scan it also discovers an SSL/TLS configuration, it volition perform additional auditing steps on that. While doing that, it together with so volition collect discovered certificates so they tin hold out scanned afterwards equally well.

In-depth safety scans

By performing opportunistic scanning, the tool tin run alongside almost no dependencies. The to a greater extent than it finds, the deeper the audit volition be. In other words, Lynis volition ever perform scans which are customized to your system. No audit volition hold out the same!

Use cases

Since Lynis is flexible, it is used for several unlike purposes. Typical utilisation cases for Lynis include:
  • Security auditing
  • Compliance testing (e.g. PCI, HIPAA, SOx)
  • Vulnerability detection together with scanning
  • System hardening

Resources used for testing

Many other tools utilisation the same information files for performing tests. Since Lynis is non express to a few mutual Linux distributions, it uses tests from standards together with many custom ones non flora inwards whatever other tool.
  • Best practices
  • CIS
  • NIST
  • NSA
  • OpenSCAP data
  • Vendor guides together with recommendations (e.g. Debian Gentoo, Red Hat)

Lynis Plugins

Plugins enable the tool to perform additional tests. They tin hold out seen equally an extension (or add-on) to Lynis, enhancing its functionality. One illustration is the compliance checking plugin, which performs specific tests solely applicable to roughly standard.

Changelog
Upgrade note
## Lynis 2.7.3 (2019-03-21)  ### Added - Detection for Lynis beingness scheduled (e.g. cronjob)  ### Changed - HTTP-6624 - Improved logging for assay - KRNL-5820 - Changed coloring for default fs.suid_dumpable value - LOGG-2154 - Adjusted assay to search inwards configuration file correctly - NETW-3015 - Added back upward for ip binary - SQD-3610 - Description of assay changed - SQD-3613 - Corrected description inwards code - SSH-7408 - Increased values for MaxAuthRetries - Improvements to let tailored tool tips inwards futurity - Corrected detection of blkid binary - Minor textual changes together with cleanups




Thus the article Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems

That's all the article Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems this time, hopefully can benefit you all. okay, see you in another article posting.

You are now reading the article Lynis 2.7.3 - Safety Auditing Tool For Unix/Linux Systems with the link address https://mederc.blogspot.com/2019/09/lynis-273-safety-auditing-tool-for.html

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel