Lynis Shell Skript Checks Unix Security

Jul 16, 2008

The first step towards improving a system's security, is discovering the status quo. Lynis, a small command line program helps users do so.

Dutch developer Michael Boelen authored the program, which is based on shell scripts and checks Unix-style systems for vulnerabilities. The program will run from any medium at the command line.
Lynis scans the operating system and installed software searching for security issues as it does. For example, the script checks whether the SSL certificates in use on the system are obsolete. It also checks for obsolete software, threats due to accounts without password protection, and incorrectly assigned file permissions. Lynis also performs diagnostics for your firewall if you have one.
Lynis can't resolve vulnerabilities itself, however, it does help to identify installation issues and existing threats.
On the project website Boelen writes that he has tested Lynis successfully on various systems including Debian 4.0, OpenSuSE, Slackware 12.1, and various Ubuntu releases, FreeBSD, Mac OS X 10.x, and PcBSD. According to Boelen, the script will also check HP-UX and AIX.
For more information and to download the program as a zipped tarball, visit the Lynis website. Lynis is licensed under the GPL Version 3.

comments powered by Disqus

Issue 27: Raspberry Pi Adventures/Special Editions

Buy this issue as a PDF

Digital Issue: Price $15.99
(incl. VAT)