Introduction
- Lynis is a system security and auditing tool.
- Lynis is developed by Michael Boelen.
- It checks the system and software configuration and logs all the information it finds to a log file for debugging purposes.
- It scans the system and available software, to detect security issues.
- It will also scan for general system information, installed packages and configuration mistakes.
This tool is for:
- Security specialists,
- Penetration testers,
- System auditors,
- System or network managers.
Supported Distributions
- Debian
- CentOS
- Gentoo
- Fedora Core 4 and higher
- FreeBSD
- Arch Linux
- Knoppix
- OpenSuSE
- Mandriva 2007
- OpenBSD 4.x
- OpenSolaris
- Mac OS X
- PcBSD
- Ubuntu
- PCLinuxOS
- Red Hat, RHEL 5.x
- Slackware 12.1
- Solaris 10
How to install Lynis in Backtrack 5
- To install Lynis in Backtrack 5, use the apt-get install command.
- Command : apt-get install lynis
- See the image below for more details.
Open Lynis
- To open Lynis, go to System > Linux auditing tool.
- See the image below for more details.
Example : With Lynis, I am going to audit Backtrack 5
Lynis : OS Detection
- It opens with a small banner, as shown in the image below.
- It automatically starts a system audit. You just need to press the Enter key.
- To stop the process, press [Ctrl]+c.
- See the image below for more details.
System tools auditing
Boot and services
- In the image below, it checks the boot loaders.
- It checks for the presence of the following boot loaders:
  - GRUB2
  - LILO
  - YABOOT
- Of these, the GRUB2 boot loader is present in Backtrack.
KERNEL
- Checks for the kernel.
- See the image below for more details.
Memory and processes auditing
User, Groups and Authentication Auditing
Shells and File System Auditing
Network Auditing
Software : email and messaging and firewall auditing
Auditing : Web Server, SSH Support and SNMP Support
Auditing : LDAP Services and PHP
Auditing : Storage
Auditing : Name Services
Auditing : Ports and packages
Auditing : Squid Support , Logging and files
Insecure Services
Scheduled Tasks, Accounting, Time and Synchronization
Cryptography, Virtualization , Security frameworks
Auditing : File Integrity and malware scanners
Auditing : Kernel Hardening
Lynis Report
- You can find the Lynis log file at /var/log/lynis.log
- To view the lynis.log file, use the cat command.
- Command : cat lynis.log
- See the image below for more details.
Lynis Report file
- You can find lynis report file in /var/log/lynis-report.dat
- See the below image for more details -
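Added example (not part of the original post and not Lynis code): shell functions that list the warnings and suggestions recorded in the report file. It assumes the report consists of key=value lines in which repeated keys end in [] and hold pipe-separated fields starting with the test ID; the function names, test IDs and sample data are made up for illustration.

```shell
#!/bin/sh
# Summarise warnings and suggestions from a Lynis report file.
# Assumed format: key=value lines; repeated keys end in "[]" and hold
# pipe-separated fields whose first field is the test ID.

# report_values FILE KEY: print every value stored under KEY.
report_values() {
    awk -v key="$2" '
        /^#/ || !/=/ { next }                 # skip comments, malformed lines
        { eq = index($0, "=")
          if (substr($0, 1, eq - 1) == key) print substr($0, eq + 1) }' "$1"
}

# report_findings FILE KIND: print "TEST-ID<TAB>message" for KIND
# (warning or suggestion).
report_findings() {
    report_values "$1" "${2}[]" | awk -F'|' 'NF >= 2 {
        # Assumption: some releases put a one-letter impact (L/M/H) first.
        msg = ($2 ~ /^[LMH]$/ && NF >= 3) ? $3 : $2
        printf "%s\t%s\n", $1, msg }'
}

# report_count FILE KIND: number of findings of that kind.
report_count() { report_findings "$1" "$2" | wc -l | tr -d ' '; }

# Constructed sample report (test IDs and messages are made up).
sample_report() {
    cat <<'EOF'
# Lynis Report
os=Linux
warning[]=DEMO-0001|M|No password set on boot loader|
warning[]=DEMO-0002|Root can log in directly over SSH|-|-|
suggestion[]=DEMO-0003|Install a file integrity tool|-|-|
hardening_index=52
EOF
}

# Demo: use the path given as $1, else the constructed sample.
report="${1:-}"
if [ -z "$report" ]; then
    report=$(mktemp) && sample_report > "$report"
fi
echo "warnings: $(report_count "$report" warning)"
report_findings "$report" warning
echo "suggestions: $(report_count "$report" suggestion)"
report_findings "$report" suggestion
```

Pass /var/log/lynis-report.dat as the first argument to summarise a real scan instead of the constructed sample.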
Lynis report
- This is the best Linux auditing program.
- Lynis gives in-depth information and suggestions about your Linux system, which help you improve its security.
- It is best suited to penetration testers, security specialists, system auditors, and system or network managers.