Friday, 9 December 2016

Security auditing tool - Lynis

Have heard about the tool in the past, but hadn't given any try on this... was very simple to go through and here are very few lines on the post...

Ensure you have git client installed on your system we shall clone from github.com

​# cd lynis
# ./lynis audit system 

performs local security scan and will capture all the details in the log file(/var/log/lynis.log)

Then how audit is different from lynis ?

auditd is daemon to track events(like if your /etc/passwd or /etc/shadow file) being changed where as lynis could track file permission etc not the contents in the file. 

  Lynis security scan details:

  Hardening index : 64 [############        ]
  Tests performed : 206
  Plugins enabled : 2

You could explore more on this tool using ./lynis help, anyway would suggest you to give a try