Lynis Shell Skript Checks Unix Security

Jul 16, 2008

The first step towards improving a system's security, is discovering the status quo. Lynis, a small command line program helps users do so.

Dutch developer Michael Boelen authored the program, which is based on shell scripts and checks Unix-style systems for vulnerabilities. The program will run from any medium at the command line.
Lynis scans the operating system and installed software searching for security issues as it does. For example, the script checks whether the SSL certificates in use on the system are obsolete. It also checks for obsolete software, threats due to accounts without password protection, and incorrectly assigned file permissions. Lynis also performs diagnostics for your firewall if you have one.
Lynis can't resolve vulnerabilities itself, however, it does help to identify installation issues and existing threats.
On the project website Boelen writes that he has tested Lynis successfully on various systems including Debian 4.0, OpenSuSE, Slackware 12.1, and various Ubuntu releases, FreeBSD, Mac OS X 10.x, and PcBSD. According to Boelen, the script will also check HP-UX and AIX.
For more information and to download the program as a zipped tarball, visit the Lynis website. Lynis is licensed under the GPL Version 3.

Related content

  • Security Bug in Legacy Unix HP-UX

    A security bug has been discovered in Hewlett Packard's HP-UX Unix version; there are no plans to remove it.

  • Command Line: sed

    Working with a text editor can be difficult if you need to handle frequently recurring tasks or multiple files. sed can save a lot of typing.

  • PHP Shell and Shell in a Box

    Firewalls often block shell access for remote users on a corporate network or at an Internet cafe. Luckily, tools like PHP Shell and Shell in a Box put the shell in a browser window.

  • Expert Security Intro

    Internet intruders have many ingenious ways of escalating privileges and hiding their presence once they get inside your system. The best protection is to keep them out in the cold.

  • Rush Hour: Newest GNU Restricted User Shell

    The latest stable release of the GNU Restricted User Shell (Rush), version 1.5, includes new configuration offerings and a notification feature.

comments powered by Disqus

Issue 33: Discover LibreOffice/Special Editions

Buy this issue as a PDF

Digital Issue: Price $15.99
(incl. VAT)