fbpx

Lynis Security & System Auditing Tool

P { margin-bottom: 0.08in; }A:link { }

http://www.ehacking.net/2014/03/lynis-security-system-auditing-tool.html
Lynis is an auditing tool for
Unix/Linux. It performs a security scan and determines the hardening
state of the machine. Any detected security issues will be provided
in the form of a suggestion or warning. Beside security related
information it will also scan for general system information,
installed packages and possible configuration errors. In general it
is a security and system auditing tool to harden Linux systems.

This
software aims in assisting automated auditing, hardening, software
patch management, vulnerability and malware scanning of Unix/Linux
based systems. It can be run without prior installation, so inclusion
on read only storage is possible (USB stick, cd/dvd).

Lynis
assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx
(Sarbanes-Oxley) compliance audits.

Intended audience:

Security specialists, penetration testers, system auditors,
system/network managers.

Examples of audit
tests:

    – Available authentication methods
    – Expired SSL
    certificates
    – Outdated software
    – User accounts without
    password
    – Incorrect file permissions
    – Configuration errors

    Firewall auditing
     
Lynis is an audit script written in the
common shell scripting language (sh). Therefore it runs on most
systems without any adjustments. Packages are created by several
maintainers, for easier installation. Still, if one would like to use
the latest version, simply download the tarball, extract it to a
temporary directory and run the tool. 
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...