How to audit Linux server security with Lynis

Server security plays an important role in the web-hosting industry, and it can be somewhat difficult to manage. Lynis is a tool that makes server security auditing easier. Here I am going to explain the installation and usage of the Lynis tool for managing your Linux server security.

Step 1: SSH to your server as the root user.

[[email protected] #] ssh [email protected]

Step 2: Create a directory under the ‘/usr/local’ directory for Lynis

[[email protected] ~]# mkdir /usr/local/lynis
[[email protected] ~]# cd /usr/local/lynis
[[email protected] lynis]#

Step 3: Download and extract tar file of Lynis to the newly created directory

[[email protected] lynis]# wget http://cisofy.com/files/lynis-1.3.6.tar.gz
[[email protected] lynis]#  ll
total 132
-rw-r--r-- 1 root root 134121 Dec  3 11:57 lynis-1.3.6.tar.gz

[[email protected] lynis]# tar -xvzf lynis-1.3.6.tar.gz
[[email protected] lynis]# cd lynis-1.3.6

(Run 'll' here to see the Lynis audit script.)

Step 4: Start audit and scan
You can start the audit by running the ‘lynis’ script from the current directory with the command below:

[[email protected] lynis-1.3.6]# ./lynis

Usage of Lynis:
1 : Command to list all options/parameters under Lynis

[[email protected] lynis-1.3.6]# ./lynis -h

Example:

[[email protected] lynis-1.3.6]# ./lynis -h

  Scan options:
    --auditor "<name>"            : Auditor name
    --check-all (-c)              : Check system
    --no-log                      : Don't create a log file
    --profile <profile>           : Scan the system with the given profile file
    --quick (-Q)                  : Quick mode, don't wait for user input
    --tests "<tests>"             : Run only tests defined by <tests>
    --tests-category "<category>" : Run only tests defined by <category>

  Layout options:
    --no-colors                   : Don't use colors in output
    --quiet (-q)                  : No output, except warnings
    --reverse-colors              : Optimize color display for light backgrounds

  Misc options:
    --check-update                : Check for updates
    --view-manpage (--man)        : View man page
    --version (-V)                : Display version number and quit

  See man page and documentation for all available options.
Exiting..

2 : Audit/Scan – step by step

[[email protected] lynis-1.3.6]# ./lynis -c

3 : Run all checks at once

[[email protected] lynis-1.3.6]# ./lynis --check-all

Or
[[email protected] lynis-1.3.6]# ./lynis -c -Q

4 : Check for Lynis updates

[[email protected] lynis-1.3.6]# ./lynis --check-update

Analyzing audit report:
Lynis stores the audit log in the /var/log/lynis.log file. You can analyze the audit report with the ‘less’ command.

[[email protected] lynis-1.3.6]# less /var/log/lynis.log
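
One way to pull the findings out of that log rather than paging through it with less, as an added example that is not part of the original post. It assumes findings are logged as lines of the form "<timestamp> Warning: <text>" and "<timestamp> Suggestion: <text>"; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): summarise Lynis findings from the log.
# Assumption: each finding is a log line "<timestamp> Warning: <text>" or
# "<timestamp> Suggestion: <text>"; adjust the pattern if your version differs.

# Print the de-duplicated messages of one kind ("Warning" or "Suggestion").
lynis_findings() {
    kind=$1 log=$2
    # Allow any non-letter timestamp prefix, then the keyword; print only the message.
    sed -n "s/^[^A-Za-z]*${kind}: //p" "$log" | sort -u
}

# Count the distinct findings of one kind.
lynis_count() {
    lynis_findings "$1" "$2" | wc -l | tr -d ' '
}

# Print a short report for a log file (default: the path used in this article).
lynis_summary() {
    log=${1:-/var/log/lynis.log}
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 2; }
    echo "Warnings: $(lynis_count Warning "$log")"
    lynis_findings Warning "$log" | sed 's/^/  ! /'
    echo "Suggestions: $(lynis_count Suggestion "$log")"
    lynis_findings Suggestion "$log" | sed 's/^/  - /'
}

# Constructed sample log lines (not real Lynis output) so the script runs offline.
write_sample_log() {
    cat > "$1" <<'EOF'
[11:58:01] Test: Checking root login over SSH
[11:58:01] Warning: Root can log in directly over SSH [test:EXAMPLE-0001]
[11:58:02] Result: no Warning: this line is not a finding
[11:58:03] Suggestion: Configure a firewall [test:EXAMPLE-0002]
[11:58:04] Suggestion: Install a file integrity tool [test:EXAMPLE-0003]
[11:58:04] Suggestion: Configure a firewall [test:EXAMPLE-0002]
EOF
}

# Demo run on the constructed sample; on a real server call lynis_summary with no argument.
sample=$(mktemp)
write_sample_log "$sample"
lynis_summary "$sample"
rm -f "$sample"
```

Warnings are the items to fix first; the de-duplicated suggestion list is a convenient hardening checklist to work through between audits.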

These are the common usages of the Lynis script for auditing Linux servers.
Thank you.

Arunlal Ashok


4 Responses

  1. Michael says:

    Thanks for the great article about how to use Lynis!
