Lynis - security and system auditing tool

July 16th, 2008 by vicky

Michael Boelen, the author of the RKHUNTER rootkit checker, has made another nice auditing tool: Lynis. It works on many Linux/Debian/MacOS/BSD systems and gives the admin important information about system configuration and security issues.

Update: Version 1.1.8 was released on 16th July 2008. I updated this how-to.

The installation is very simple.

cd /root/
wget http://www.rootkit.nl/files/lynis-1.1.8.tar.gz
tar xvfz lynis-1.1.8.tar.gz
rm -f lynis-1.1.8.tar.gz
cd lynis-1.1.8

Now run “./lynis” to see all available options.

I prefer running it as “./lynis -c -Q”, so that it does a complete scan and does not wait for a keypress after every page. There is a summary at the end of the scan that lists the warnings. I advise you to check everything it reports. It is a very nice tool and I will definitely monitor its future development.

Here is the changelog for version 1.1.8:

* 1.1.8 (16.07.2008)

 New:
 - Mac OS X support extended and new options added

 Changes:
 - Extended default profile
 - Improved several screen output lines
 - User ID check improved, so it works better with older Solaris versions
 - Hostname in output and reports will contain only host now, not FQDN
 - Added extra php.ini locations to tests_php
 - Replaced ‘ps’ in tests with PSBINARY value for better support
 - Added output to zones test [VIRT-1902]
 - Updated description [AUTH-9218]
 - Extended ntp daemon/ntpdate check [TIME-3104]
 - Added suggestion to bootable scripts check [BOOT_5184]
 - Bugfix and improvement for FreeBSD portsclean test [PKGS-7348]
 - Added Mac OS support to MAC address gathering test [NETW-3006]
 - Added MAC OS support to inet and inet6 addresses test [NETW-3008]
 - Extended PHP expose_php test to support additional options [PHP-2372]
 - Improved LDAP test so it skips correctly on Mac OS [AUTH-9238]
 - Bugfix: MySQL status check gave incorrect output [DBS-1804]

4 Responses

  1. Michael Boelen Says:

    Thanks for writing about my tool :)

    Michael

    p.s. rm -f xvfz lynis-1.0.7.tar.gz won’t work

  2. vicky Says:

    Michael - sorry about that typo. I corrected it and updated the instructions to reflect Lynis 1.0.8.

    Keep up the good work.

  3. Sabeer MZ Says:

    Hello

    I'm getting the below error while running ./lynis -c, could you please help me? I'm using Sun Solaris 10 on SPARC hardware.

    bash-3.00# ./lynis -c -Q

    [ Lynis 1.1.7 ]

    ################################################################################
    Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
    welcome to redistribute it under the terms of the GNU General Public License.
    See LICENSE file for details about using this software.

    Copyright 2007-2008 - Michael Boelen, http://www.rootkit.nl/
    ################################################################################

    [+] Initializing program
    ————————————
    id: illegal option -- u
    Usage: id [-ap] [user]
    ./lynis: test: argument expected

  4. admin Says:

    I think you'd better contact Michael Boelen, who is the author of this tool. His contact info can be found at http://www.rootkit.nl/

    I’m using it on Linux systems and I’m not familiar with Solaris at all.
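
The changelog entry "User ID check improved, so it works better with older Solaris versions" and the Solaris error in comment 3 both concern how a script finds the current user ID. The sketch below is an added example, not Lynis code: a portable root check that falls back to parsing plain `id` output when `id -u` is rejected, and that never passes an empty value to `test`. The function names are hypothetical, and it assumes plain `id` prints the usual `uid=N(name) ...` form.

```shell
#!/bin/sh
# Added example (not Lynis code): portable "am I root?" check for an audit script.

# Extract the numeric uid from plain `id` output, e.g. "uid=0(root) gid=0(root)".
# Prints nothing when the input does not start with "uid=<digits>".
parse_uid() {
    printf '%s\n' "$1" | sed -n 's/^uid=\([0-9][0-9]*\).*/\1/p'
}

# Try `id -u` first. If the local id does not accept -u (the error shown in
# comment 3), the result is empty and we fall back to parsing plain `id`.
current_uid() {
    uid=$(id -u 2>/dev/null) || uid=""
    case "$uid" in
        ''|*[!0-9]*) uid=$(parse_uid "$(id 2>/dev/null)") ;;
    esac
    printf '%s\n' "$uid"
}

# Returns 0 when the uid is 0, 1 when it is another number, and 2 when the
# uid could not be determined. The value is validated and quoted before the
# numeric comparison, so an empty uid cannot reach `[ ... -eq 0 ]`.
is_root() {
    uid=${1-$(current_uid)}
    case "$uid" in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$uid" -eq 0 ]
}

# Typical use at the top of a script that must run as root:
#   is_root || { echo "must be run as root" >&2; exit 1; }
```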
