Wednesday, 12 September 2012

Lynis On Backtrack 5

Lynis on Backtrack 5
  • Lynis is a system security and auditing tool .
  • Lynis is developed by the  Michael Boelen .
  • It checks the system and software configuration and logs all the found  information  
    into a log  file  for  debugging  purposes.
  • It scans the system and available software, to detect security issues.
  • It will also scan for general system information, installed packages and  configuration mistakes.
This tool is for :- 
  1. Security specialists,
  2. Penetration testers,
  3. System auditors,
  4. System or network managers. 
Supported Distributions 

  • Debian
  • CentOS
  • Gentoo
  • Fedora Core 4 and higher
  • FreeBSD
  • Arch Linux 
  • Knoppix
  • OpenSuSE
  • Mandriva 2007
  • OpenBSD 4.x
  • OpenSolaris
  • Mac OS X 
  • PcBSD
  • Ubuntu
  • PCLinuxOS
  • Red Hat, RHEL 5.x
  • Slackware 12.1
  • Solaris 10
How to install Lynis in Backtrack 5 
  • To install Lynis in Backtrack 5 use apt-get install command .
  • Command : apt-get install lynis
  • See below image for more details -
Open Lynis 
  • To open linux , Goto System > Linux auditing tool 
  • See the below image for more details -
lynis auditing tool

Example : With Lynis , I am going to Audit Backtrack 5 
Lynis : OS Detection 
  • It open with a small banner as shown in the below image .
  • It automaticaly start a system auditing . You just need to press the enter Key .
  • To stop the process press [Ctrl]+c .
  • See the below image for more details - 
lynis on backtrack 5

System tools auditing 

Boot and services
  • In this below image , it check the boot loaders.
  • It checks the presence of boot loaders as follow - 
  1. GRUB2
  2. LILO
  • In which GRUB2 Boot Loader is present in backtrack.
boot and services

  • Checks for the kernel .
  • See the below image for more details - 
kernel auditing

Memory and processes auditing 

User, Groups and Authentication Auditing

Shells  and File System Auditing 

Network Auditing 

Software : email and messaging and firewall auditing 

Auditing : Web Server, SSH Support and SNMP Support

Auditing : LDAP Services and PHP 

Auditing : Storage 

Auditing : Name Services

Auditing : Ports and packages

Auditing : Squid Support , Logging and files 

Insecure Services

Scheduled Tasks , Accounting , Time ans Synchronization 

Cryptography, Virtualization , Security frameworks

Auding : File Intrigrity and malware scanners

Auditing : Kernel Hardening 

Lynis Report 

  • You can find Lynis log file :   /var/log/lynis.log
  • To view lynis.log file , use cat command .
  • Command : cat lynis.log
  • See the below image for more details -
Lynis log file

Lynis Report file 
  • You can find lynis report file in /var/log/lynis-report.dat 
  • See the below image for more details - 

Lynis report
Lynis Report on backtrack 5
  • This is the best Linux Auditing Program .
  • Lynis gives a depth amount of information and suggestion about your Linux , which help you to improve the security of your Linux . 
  • This is  best for Penetration Tester, Security Specialist, System Auditors, system or network managers.

No comments:

Post a Comment