Linux vulnerability scanning with Lynis

Developed by Cisofy (www.cisofy.com), Lynis is a command-line security auditing tool available within Kali Linux. Lynis is free to use, but an enterprise version is also available. Lynis can be used to perform automated security audit assessments and vulnerability scans on various versions of Linux, macOS X, and Unix-based operating systems.

What makes Lynis stand out is its focus on performing various HIPAA, PCI DSS, SOX, and GLBA compliance audits, which hold much value in an enterprise that has adopted various standards for compliance. Lynis can be downloaded and installed on standalone systems, thereby eliminating much of the traffic generated by remote auditing and vulnerability assessment tools, although there is the option to perform remote assessments.

Lynis is part of the Kali Linux suite, but can also be cloned from GitHub (https://github.com/CISOfy/lynis) or downloaded directly from the official website (https://cisofy.com/documentation/lynis/get-started/#installation).

To run Lynis in Kali, you can do so via the main menu by clicking on Applications, then Vulnerability Analysis, then Lynis, or by typing lynis in the Terminal. This command displays the installed version of Lynis (in this case, 2.6.2) and initializes the program. Helpful command options are also displayed, as seen in the following screenshot:

You may also type lynis show commands at any time to view the available commands within Lynis:

With Lynis being a fully automated audit assessment tool, there are minimal commands to use. To audit your entire Kali Linux machine, simply type lynis audit system. The timeframe for this assessment depends on the specifications of the Kali Linux machine running the assessment, but usually ranges from 15 to 30 minutes. The audit is shown here:

Some of the testing and audits performed against the system include the following:

  • Debian tests
  • Boot and services
  • Kernel
  • Memory and processes
  • Users, groups, and authentication
  • Shells
  • Filesystem
  • USB devices
  • Networking and firewalls
  • Ports and printers
  • Kernel hardening

The following screenshot shows a snippet of the Lynis audit results, with 4 warnings and 40 suggestions:

Scrolling to the end of the audit assessment, we can find the summarized details of the Lynis audit as follows:
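
The warnings and suggestions counted in that summary are also written to a report file, so they can be tallied from a script instead of read off the screen. The following is an added example, not taken from the book or from the Lynis project; it assumes the report uses warning[]= and suggestion[]= lines with pipe-separated fields (by default at /var/log/lynis-report.dat when run as root), and the function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize a Lynis report file after "lynis audit system".
# Assumed format: warning[]=TEST-ID|text|..., suggestion[]=TEST-ID|text|...,
# and a single hardening_index=NN line.

# count_findings FILE TYPE -> number of "warning" or "suggestion" entries
count_findings() {
    grep -c "^$2\[\]=" "$1" || true   # grep exits 1 on zero matches
}

# finding_ids FILE TYPE -> unique test IDs, one per line, sorted
finding_ids() {
    sed -n "s/^$2\[\]=\([^|]*\)|.*/\1/p" "$1" | sort -u
}

# hardening_index FILE -> the score recorded in the report (empty if missing)
hardening_index() {
    sed -n 's/^hardening_index=//p' "$1" | head -n 1
}

# audit_gate FILE MAX -> succeeds only if warnings <= MAX (for cron/CI use)
audit_gate() {
    [ "$(count_findings "$1" warning)" -le "$2" ]
}

# Constructed sample data, not output from a real audit.
write_sample_report() {
    cat > "$1" <<'EOF'
lynis_version=2.6.2
warning[]=KRNL-5830|Reboot of system is most likely needed|-|-|
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|
suggestion[]=AUTH-9286|Configure minimum password age in /etc/login.defs|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|-|-|
suggestion[]=BOOT-5122|Set a password on GRUB bootloader|-|-|
hardening_index=58
EOF
}

report=$(mktemp)
write_sample_report "$report"
echo "warnings:    $(count_findings "$report" warning)"
echo "suggestions: $(count_findings "$report" suggestion)"
echo "hardening:   $(hardening_index "$report")"
finding_ids "$report" warning
audit_gate "$report" 0 || echo "gate: warnings above threshold"
rm -f "$report"
```

To use it against a real audit, pass the path of the report file in place of the temporary sample file.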
