Lynis is an auditing tool which tests and gathers information from Unix-based systems. The audience for this tool is security and system auditors, network specialists and system maintainers.
Lynis features
– System and security audit checks
– File Integrity Assessment
– System and file forensics
– Usage of templates/baselines (reporting and monitoring)
– Extended debugging features
Lynis requirements
– You have to be root (log in as a normal user, su to root), or have equivalent rights (for example by using sudo).
– Have write access to /var/log (for using a log/debug file)
– Have write access to create a report (most likely in the same directory where Lynis is located)
– Have write access to /tmp (temporary files)
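A pre-flight check for the requirements listed above, as an added example that is not part of Lynis or of the original page. The function names are hypothetical, and using the current directory as the report location is an assumption based on the note that the report most likely goes where Lynis is located.

```shell
#!/bin/sh
# Added example: verify the Lynis requirements before starting an audit.
# Function names are hypothetical; directories are passed as arguments so
# non-default locations can be checked as well.

# check_writable LABEL DIR
# Returns 0 when DIR exists and is writable by the current user, 1 otherwise.
check_writable() {
    label=$1
    dir=$2
    if [ -d "$dir" ] && [ -w "$dir" ]; then
        echo "ok       $label: $dir"
        return 0
    fi
    echo "MISSING  $label: $dir is not a writable directory"
    return 1
}

# lynis_preflight UID LOGDIR REPORTDIR TMPDIR
# Returns the number of unmet requirements (0 means ready to run).
lynis_preflight() {
    uid=$1
    failures=0
    if [ "$uid" -eq 0 ]; then
        echo "ok       running as root"
    else
        echo "MISSING  root rights (uid is $uid); use su or sudo"
        failures=$((failures + 1))
    fi
    check_writable "log/debug file" "$2" || failures=$((failures + 1))
    check_writable "report" "$3" || failures=$((failures + 1))
    check_writable "temporary files" "$4" || failures=$((failures + 1))
    return "$failures"
}

# Check the current user against the default locations. The report
# directory is assumed to be the directory this is run from.
lynis_preflight "$(id -u)" /var/log "$(pwd)" /tmp \
    || echo "$? requirement(s) not met"
```

Note that a sudo policy limited to specific commands shows up here as a missing root requirement, because the check only looks at the numeric uid.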
Lynis Installation
Lynis doesn’t have to be installed, so it can be used directly from a (removable) disk. If you want the program to be installed, use the following method.
Create a custom directory (e.g. /usr/local/lynis)
# mkdir /usr/local/lynis
# cd /usr/local/lynis
# wget http://downloads.rootkit.nl/lynis-1.0.5.tar.gz
Unpack the tarball
# tar xfvz lynis-1.0.5.tar.gz
Now you have a lynis directory
Using Lynis
Depending on the installation or the path you run Lynis from, you can start it with ‘lynis’ (if
installed and the file is available in your binary path) or ‘sh lynis’ or ‘./lynis’.
# ./lynis -c
This will produce output similar to the following