Linux tool Lynis use examples

Lynis is an auditing tool in Linux system that can detect the security of Linux systems. After scanning and detecting Linux systems, it will generate reports. The following small series will introduce you how Linux uses Lynis tools to detect system security. .

How to use:

Installation:

#apt-get install lynis

Use examples

Check all (most commonly used 9):

#lynis --check-all -Q

FIG worksurface

using crontab automatically check:

#lynis - c --auditor “automated” --cronjob 》 /var/log/lynis/report.txt

Checking an item:

#lynis --tests FILE-6354 –quick< Br>

Check the content:

# grep Warning /var/log/lynis.log

Check the suggested content:

# grep Suggestion /var/log/Lynis.log

Lynis is a system security detection tool for various UNIX based systems. The program is built with Shell Script. It can find out where the system security needs to be strengthened, and at the same time provide many practices and suggestions for improving system security. It is a practical and systematic way for system administrators to learn (or review) many system security concepts. tool. Inadequacies: This tool comprehensively covers the audit content of system security, but each audit item is not deep, and needs specific extensions, such as PHP, Apache, MySQL security configuration, you need to refine.

The above is the introduction of Linux using Lynis to detect system security. In order to ensure the normal operation of the system, it is sometimes necessary to use tools to periodically detect Linux systems.