Lynis Shell Skript Checks Unix Security

Jul 16, 2008

The first step towards improving a system's security, is discovering the status quo. Lynis, a small command line program helps users do so.

Dutch developer Michael Boelen authored the program, which is based on shell scripts and checks Unix-style systems for vulnerabilities. The program will run from any medium at the command line.
Lynis scans the operating system and installed software searching for security issues as it does. For example, the script checks whether the SSL certificates in use on the system are obsolete. It also checks for obsolete software, threats due to accounts without password protection, and incorrectly assigned file permissions. Lynis also performs diagnostics for your firewall if you have one.
Lynis can't resolve vulnerabilities itself, however, it does help to identify installation issues and existing threats.
On the project website Boelen writes that he has tested Lynis successfully on various systems including Debian 4.0, OpenSuSE, Slackware 12.1, and various Ubuntu releases, FreeBSD, Mac OS X 10.x, and PcBSD. According to Boelen, the script will also check HP-UX and AIX.
For more information and to download the program as a zipped tarball, visit the Lynis website. Lynis is licensed under the GPL Version 3.

Related content

  • Expert Security Intro

    Internet intruders have many ingenious ways of escalating privileges and hiding their presence once they get inside your system. The best protection is to keep them out in the cold.

  • Advisory Check 2.20 with More Feeds and HP-UX

    Advisory Check (advchk), a small tool for monitoring installed software security, is now available in version 2.20. It has extended its source feeds and is now supported on HP-UX.

  • Bash vs. Vista PowerShell

    Microsoft’s new PowerShell relies on .NET framework libraries and thus has access to a treasure trove of functions and objects. How does PowerShell measure up to traditional shells like Bash?

  • Books
  • PHP Shell and Shell in a Box

    Firewalls often block shell access for remote users on a corporate network or at an Internet cafe. Luckily, tools like PHP Shell and Shell in a Box put the shell in a browser window.

comments powered by Disqus

Issue 19: Linux Shell Handbook 5th Ed./Special Editions

Buy this issue as a PDF

Digital Issue: Price $15.99
(incl. VAT)

News