description

Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007.

install

• apt-get install lynis

first run

with pause

• lynis audit system

without pause

• lynis audit system --quick

update check

• lynis update info

update lynis

ubuntu way

• sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F
• sudo apt install apt-transport-https
• echo 'Acquire::Languages "none";' | sudo tee /etc/apt/apt.conf.d/99disable-translations
• echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
• sudo apt update
• sudo apt install lynis

repositories

• https://packages.cisofy.com/community/

solutions

Malware scanner

• apt-get install chkrootkit

PKGS-7392 - Vulnerable packages

• apt-get update ; apt-get upgrade -y

Couldn't find 2 responsive nameservers

• 2 nameserver in /etc/resolv.conf

log

• cat /var/log/lynis.log

report data

• cat /var/log/lynis-report.dat

links

• https://cisofy.com/lynis/
• https://cisofy.com/documentation/lynis/