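Lynis Package Description

Lynis is an open source security auditing tool. Its main goal is to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks. Examples include searching for installed software and determining possible configuration flaws.

Many of the tests are part of common security guidelines and standards, with additional security checks on top. After the scan, a report shows all discovered findings. To give you initial guidance, each finding links to the related Lynis control.

Source: http://rootkit.nl/projects/lynis.html
Lynis Homepage | Kali Lynis Repo

  • Author: Michael Boelen
  • License: GPLv3

Tools included in the lynis package

lynis - Open source security auditing tool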
[email protected]:~# lynis -h

[ Lynis 1.4.1 ]

################################################################################
 Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
 welcome to redistribute it under the terms of the GNU General Public License.
 See the LICENSE file for details about using this software.

 Copyright 2007-2014 - Michael Boelen, http://cisofy.com
 Enterprise support and plugins available via CISOfy - http://cisofy.com
################################################################################

[+] Initializing program
------------------------------------
  Scan options:
    --auditor "<name>"            : Auditor name
    --check-all (-c)              : Check system
    --no-log                      : Don't create a log file
    --profile <profile>           : Scan the system with the given profile file
    --quick (-Q)                  : Quick mode, don't wait for user input
    --tests "<tests>"             : Run only tests defined by <tests>
    --tests-category "<category>" : Run only tests defined by <category>

  Layout options:
    --no-colors                   : Don't use colors in output
    --quiet (-q)                  : No output, except warnings
    --reverse-colors              : Optimize color display for light backgrounds

  Misc options:
    --check-update                : Check for updates
    --view-manpage (--man)        : View man page
    --version (-V)                : Display version number and quit

  See man page and documentation for all available options.

Exiting..

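lynis Usage Example

Scan the system in quiet mode (-Q) and output in cronjob format (--cronjob). In the help output above, -Q is listed as --quick (quick mode, don't wait for user input), while --quiet is -q: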

[email protected]:~# lynis -Q --cronjob

[ Lynis 1.5.5 ]

################################################################################
 Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
 welcome to redistribute it under the terms of the GNU General Public License.
 See the LICENSE file for details about using this software.

 Copyright 2007-2014 - Michael Boelen, http://cisofy.com
 Enterprise support and plugins available via CISOfy - http://cisofy.com
################################################################################

[+] Initializing program
------------------------------------
- Detecting OS...  [ DONE ]
- Clearing log file (/var/log/lynis.log)...  [ DONE ]

  ---------------------------------------------------
  Program version:           1.5.5
  Operating system:          Linux
  Operating system name:     Debian
  Operating system version:  Kali Linux 1.0.9
  Kernel version:            3.14-kali1-686-pae
  Hardware platform:         i686
  Hostname:                  kali
  Auditor:                   [Unknown]
  Profile:                   /etc/lynis/default.prf
  Log file:                  /var/log/lynis.log
  Report file:               /var/log/lynis-report.dat
  Report version:            1.0
  Plugin directory:          /etc/lynis/plugins
  ---------------------------------------------------
- Checking profile file (/etc/lynis/default.prf)...
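
For scheduled scans like the one above, a cron wrapper usually needs to turn the report file (/var/log/lynis-report.dat in this output) into a pass/fail result. The following is an added example, not part of the original page or of Lynis itself: it assumes the report is line-oriented key=value text with findings stored as `warning[]=` and `suggestion[]=` entries whose `|`-separated fields start with a test ID and a description. The function names and the sample report lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: gate a cron job on the findings in a Lynis report file.
# ASSUMPTION: findings appear as "warning[]=ID|text|" and "suggestion[]=ID|text|".

# Constructed sample report (placeholder test IDs, not real scan output).
sample_report() {
cat <<'EOF'
report_version_major=1
report_version_minor=0
hostname=kali
warning[]=TEST-0001|constructed warning text|
suggestion[]=TEST-0002|constructed suggestion one|
suggestion[]=TEST-0003|constructed suggestion two|
EOF
}

# lynis_count KIND FILE -> number of "KIND[]=" entries (KIND: warning|suggestion)
lynis_count() {
    awk -v k="$1" 'index($0, k "[]=") == 1 { n++ } END { print n + 0 }' "$2"
}

# lynis_findings KIND FILE -> one "TEST-ID: description" line per entry
lynis_findings() {
    awk -v k="$1" 'index($0, k "[]=") == 1 {
        split(substr($0, length(k) + 4), f, "|")   # text after "KIND[]="
        print f[1] ": " f[2]
    }' "$2"
}

# lynis_gate FILE MAX_WARNINGS
# Returns 0 if warnings <= MAX_WARNINGS, 1 if exceeded, 2 if FILE is unreadable.
lynis_gate() {
    [ -r "$1" ] || { echo "cannot read report: $1" >&2; return 2; }
    w=$(lynis_count warning "$1")
    s=$(lynis_count suggestion "$1")
    echo "warnings=$w suggestions=$s"
    [ "$w" -le "$2" ] || { lynis_findings warning "$1"; return 1; }
}

# Demo on the constructed sample; a real job would pass the report path instead.
demo=$(mktemp)
sample_report > "$demo"
lynis_gate "$demo" 0 || echo "gate failed: review the warnings listed above"
rm -f "$demo"
```

A missing or unreadable report returns 2 rather than 0, so a scan that never ran is not mistaken for a clean one.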