• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

securitywing

Menu
  • About
  • Must Read
      • IIS Performance Boost
      • RFID Security
      • Web App Security Testing
      • How to Secure Home Network
      • Prevent Cross-Site Scripting Attacks
      • Renew Self-Signed Certificates
      • Penetration Testing Tools
      • VPN Concentrator
      • Forensic Investigation Tools
      • Digital Certificates
      • Cloud Security Issues
      • Advanced Evasion Prevention
      • Firewall Types
      • Tips to Prevent Data Exfiltration
      • Classified Info Handling
      • MySQL Security
      • Definition of 7 Types of Malware
      • VOIP Security
      • Why Antivirus Software Fails
      • 15 Network Security Vulnerabilities
      • Web App Security
      • IT Security Standards
      • Types of Virtualization
      • Android Security
      • Digital Signature
      • Advanced Malware Protection
    • Close
  • Consultancy
  • Contact

How to audit Linux CentOS Security with Lynis

by wing

Hardening Linux security may seem to be a daunting task for new Linux administrator and security auditor if they try to do it manually. Lynis automates the process of Linux security audit, which is widely used by system administrator, IT security auditor and  security specialists. When you run Lynis to scan a system, it generates a report and suggestions that helps to patch up the security loopholes. The following are the procedures that you can perform straightway without anyone’s help.

Supported platforms: Red Hat Enterprise Linux (RHEL), CentOS, Debian, FreeBSD, Ubuntu, Linux Mint and some other version of Linux. List of all supported platforms can be found at rootkit.nl/projects/lynis.html

In this instance, I have run all the mentions command in Cent OS 6.4

Create a directory for extracting Lynis files

At first create directory in /usr/local

To create a directory use the following command

# mkdir /usr/local/lynis

To download Lynis to your Linux server, you have to type the location of the lynis file, which is http://www.rootkit.nl/files/lynis-1.3.6.tar.gz

how to download lysis in linux

Remember to login as root user when you download it to your Linux server. To start download, type of following command from the lynis directory. It takes only a few second to complete the download.

# wget http://cisofy.com/files/lynis-1.3.6.tar.gz

For updated version you can check out at http://www.rootkit.nl/projects/lynis.html

Copy the .tar files to the new directory

Next, copy the downloaded file to the lynis directory that you created in step 1. The command for it:

cp lynis-1.3.6.tar.gz /usr/local/lynis

Use the the following command in the same directory to extract the files.

Lynis]# tar xzvf lynis-1.3.6.tar.gz

Next enter the extracted directory using the following command

lynis]# cd lynis-1.3.6

 Start audit and Scan

To see the complete set of lynis parameters type

lynis]# ./lynis

To start scanning, you can choose from two options. One option run all the security checks at a time and another option needs your intervention.

To see all the available scan options, execute the following command:

# ./lynis -c

lynis command for scan options

To run all the check at a time, use the following command.

[root@my lynis-1.3.6]#./lynis -c –Q

Or

[root@my lynis-1.3.6]# ./lynis –check-all

 

If you want to intervene between each audit step type the following command

Lynis]#./lynis -c

linux audito with lynis

Lynis stored the log of audit report in /var/log/lynis.log file. to enter the log file

Go to /var/log  and then type

vi lynis.log

Here I am using Vi editor to see the text, you can choose any editor you like.

At the end of the log file, you will get a list of suggestions to rectify the security holes of your server.

audit suggestions by lynis

Lynis update regularly, to check if you have updated version, type the following command

# ./lynis –check-update

When you update to new version remember to delete both the tar and extracted files in the lynis directory that you created at the first step of the post.

 

 

 

 

 

Related Posts:

  • How to Extend Linux LVM by Adding a New Hard Disk
  • How to Disable Root Login Via SSH in Linux
  • Audit Charter Explained
  • Cisco Router Security Check for Auditor
  • Linux Security Basics

Filed Under: IS Audit Tagged With: audit, linux

Primary Sidebar

CISSP Sample Test

Take a CISSP Sample Test

CISA IT governance Sample test



Twitter Follow @securitywing

Categories

  • AWS
  • containers
  • Internet Security and Safety
  • IS Audit
  • IT Security Exams
  • Network Security Tips
  • Off Track
  • Telecom
  • Tutorial

Pages

  • About
  • Best IT Security Certification Exam
  • CISA IT governance Sample test
  • CISA Sample Test
  • CISSP Sample Test Online
  • Consultancy
  • Contact

Popular Posts

  • 3 Steps to Install Miniku...
  • How to install a new Goda...
  • 63 Web Application Securi...
  • How to Renew Self-Signed...
  • Host Based IDS vs Network...
  • How to Setup AWS CloudFro...
  • 8 Effective Ways to Impro...
  • Active vs Passive FTP Mod...
  • Top 10 RFID Security Conc...
  • How to Configure AAA (TAC...

Footer

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

antivirus audit AWS backup browser check cisco cloud computer cyber data database encryption firewall home hsrp ids informaiton internet intrusion it kubernetes linux load balancing malware network protection putty risk router security security tips server ssh SSL switch tools virus vpn vulnerability web webserver website windows wordpress

Copyright © 2010-2023 ·All Rights Reserved · SecurityWing.com