Objective

Install Lynis and use it to scan for vulnerabilities.

Distributions

Lynis is available for most major distributions.

Requirements

A working Linux install with root privileges.

Difficulty

Easy

Conventions

  • # - requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
  • $ - requires given linux commands to be executed as a regular non-privileged user

Introduction

Lynis is a tool for performing an automated audit of your system. It's not a virus scanner or an antivirus. Instead, it checks certain criteria on your system to see how it's configured. By evaluating the system configuration, Lynis can give you an idea what areas are reasonably secure, and which ones need additional hardening.

Install Lynis

Lynis is packaged for just about every distribution. It's fairly simple to get installed.

Ubuntu 17.10/Debian Testing and Sid

Ubuntu Artful and the testing releases of Debian have the latest version already available. Just install it.
$ sudo apt install lynis

Ubuntu 16.04/Debian Stable

Debian Stable and Ubuntu 16.04 both have Lynis in their repositories, but it's old. To install the latest version, add the repository from the Lynis developers.
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F
Add Apt transport over HTTPS.
$ sudo apt install apt-transport-https
Create a file at /etc/apt/sources.list.d/lynis.list. Add in he following line. Ubuntu 16.04
deb https://packages.cisofy.com/community/lynis/deb/ xenial main
Debian Stretch
deb https://packages.cisofy.com/community/lynis/deb/ stretch main
Then, update and install Lynis.
$ sudo apt update
$ sudo apt install lynis

CentOS/RHEL and Fedora

First, install all of the dependencies.
# yum/dnf install ca-certificates curl nss openssl
Next, create a file at /etc/yum.repos.d/lynis.repo. Place the following configuration in the file.
[lynis]
name=CISOfy Software - Lynis package
baseurl=https://packages.cisofy.com/community/lynis/rpm/
enabled=1
gpgkey=https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
gpgcheck=1
Update and install Lynis.
# yum/dnf update
# yum/dnf install lynis

Scan

Scanning with Lynis is very simple. You really just tell Lynis to audit the system, and it runs with it.
# lynis audit system
Lynis will run through and scan your system. As it runs, it prints its results in the terminal. For a more detailed scan, you can tell Lynis to check the entire system with the -c flag.
# lynis audit system -c

The Report



Lynis Scan Results

The report that Lynis generates might be a little confusing at first. The entire report is broken down into sections. The sections break down potential vulnerabilities by service or logical grouping to make the report easier to read.

Next, the results use a color code from green to red to denote the severity of the issue. The results will also tell you the basic status of different things. The results are usually basic, and let you know if something is present or on.

Ultimately, it's up to you to determine whether the results of the report concern you or not. The purpose is to make you aware of potential issues. It's your call on whether or not to act.
ARE YOU LOOKING FOR A LINUX JOB?
Submit your RESUME, create a JOB ALERT or subscribe to RSS feed on LinuxCareers.com.
LINUX CAREER NEWSLETTER
Subscribe to NEWSLETTER and receive latest news, jobs, career advice and tutorials.
DO YOU NEED ADDITIONAL HELP?
Get extra help by visiting our LINUX FORUM or simply use comments below.

You may also be interested in: