LYNIS – Security Auditing and Pen Tester tool
Lynis is an open source security tool and pen tester tool as well, which runs on UNIX-alike systems (Linux, macOS, BSD). It is a security auditing tool and its main purpose is to test security defenses and harden UNIX based systems. This performs the in-depth security scan on the system. It scans system info., vulnerable software, and other configuration issues. Besides the “blue team”, nowadays penetration testers also have Lynis in their systems.
Goals of LYNIS:
Its main goal is:
1. Automated security auditing
2. Compliance testing
3. Vulnerability detection
Lynis tool is used by System admins, Auditors, Security teams, Penetration testers and Security professionals. This tool also assists with Configuration and asset management, Software patch management, System hardening, Penetration testing , Intrusion detection.
Compatibility for OS:
This tool runs on almost all UNIX-based systems including:
- and others.
It also runs with systems like the Raspberry Pi, IoT devices, and QNAP devices.
Auditing steps during typical scan:
- Initialization and basic checks
- Determine operating system and tools
- Search for available system utilities
- Check for Lynis update
- Run enabled plugins
- Run security tests per category
- Perform execution of your custom tests
- Report status of security scan
How to install LYNIS:
For Red Hat:
-systems running YUM, including CentOS, Fedora, Red Hat Enterprise Linux (RHEL).
$ yum install lynis
-systems running Debian, Linux Mint, Ubuntu, or other.
$ apt-get install lynis
$ zypper install lynis
Tools involved in lynis package:
To download Lynis tool click here.