So what is this Lynis tool all about?
Lynis is a security tool used for auditing Unix based systems it’s main aims are to achieve automated security auditing, compliance testing for standards such as ISO27001, PCI-DSS and HIPAA. It also offers vulnerability detection for areas of the system that could be vulnerable to issues such as privilege escalation.
The tools can run security scans on the system itself or even remotely. The primary goal of this tool is to test the configuration of a system and provide tips to harden security. The tool can also scan for general information and vulnerable software packages and possible configurations flaws in the system.
Lynis is commonly used by the system administrators and security penetration testers to perform audits and assess a system’s security.
Let’s have a look at it in action!
After running the tool on our test machine, we found it displays a number of helpful recommendations in hardening your system. Here is an example below:
How Can I Install it?
You can get the tool HERE
In order to install the tool, you need to clone the GitHub repo of the tool.
git clone https://github.com/CISOfy/lynis
cd lynis; ./lynis audit system