Lynis

From aoxoaWiki
Jump to: navigation, search

Lynis is an open source security auditing package, that aims to assist system administrators with checking and 'hardening' Unix and Linix systems (including OSX). There are commercial 'enterprise' versions of the system, but Lynis itself is open source.

It is a fairly low-level utility, and doesn't have a nice GUI interface.

Below are some instructions for building and running the utility.

Building Lynis

The instructions to build Lynis are pretty much the same across operating systems. Where differences occur, they will be identified.

Installation Folders

For Unix/Linux, it is probably easier to run this as root. For OSX, you may need to sudo certain commands.

The ultimate folder in this example will be /usr/local/lynis

  cd /usr/local

Get the Source

Go to the Lynis Download page, and inspect the DOWNLOAD button to get the URL for the package. For example:

  https://cisofy.com/files/lynis-1.6.4.tar.gz

Also take note of the SHA256SUM hash values (to verify integrity).

The following commands are O/S specific:

OSX

  curl https://cisofy.com/files/lynis-1.6.4.tar.gz -o lynis-1.6.4.tar.gz

OpenSuSE 13.1 and/or Oracle Linux

  wget https://cisofy.com/files/lynis-1.6.4.tar.gz

Verify the Source

Ensure that the hash is the same as given on the download page. If not, it may indicate a corrupted download, or possible (malicious) tampering.

OSX

  shasum -a 256 lynis-1.6.4.tar.gz

OpenSuSE 13.1 and/or Oracle Linux

  sha256sum lynis-1.6.4.tar.gz

Uncompress and Expand Lynis

  gunzip lynis-1.6.4.tar.gz
  tar xvf lynis-1.6.4.tar
  rm lynis-1.6.4.tar

alternatively:

  tar xvfz lynis-1.6.4.tar.gz
  rm lynis-1.6.4.tar.gz

Lynis is now Installed

Congratulations, Lynis is now installed.

Running Lynis

Lynis must be run from the folder in which it was installed. Alternatively, that folder added to the system path, but really, that is probably overkill.

  cd /usr/local/lynis
  sudo ./lynis --checkall

Evaluating Results

This is the tough on. Any exceptions and warnings should be investigated. I will add some documentation here as i work through the results....

Online Resources

Lynis at www.cisofy.com

Lynis documentation


Back to Main Page