Vulnerability Scanning With 'lynis'
(discovery of specific vulnerabilities)
Presented by Dave Mawdsley, DACS Member, Linux SIG
May 15, 2013
What Does 'lynis' Do?

lynis is a computer/server scanning tool that runs at the root level to find potential security issues. It looks for holes in the way computers are set up and makes recommendations for improvements. Each item checked is reported with a status such as OK, WARNING, FOUND or WEAK.

Kinds of things that lynis can study:

System tools
Boot loaders, startup services
Kernel: run level, loaded modules, kernel configuration, core dumps
Memory and processes: zombie processes, IO waiting processes
Users, groups and authentication: group IDs, sudoers, PAM configuration, password aging, default mask
File systems: mount points, /tmp files, root file system
Storage: usb-storage, firewire ohci
NFS
Software: name services: DNS search domain, BIND
Ports and packages: vulnerable/upgradable packages, security repository
Software: firewalls: iptables, pf
Software: webserver: Apache, nginx
SSH support: SSH configuration
SNMP support
Databases: MySQL root password
LDAP services
Software: php: php options
Scheduled tasks: crontab/cronjob, atd
Time and synchronization: ntp daemon
Cryptography: SSL certificate expiration
Security frameworks: AppArmor, SELinux, grsecurity status
Software: file integrity
Software: malware scanners
Home directories: shell history files
and other items.
Installing and Running lynis
In a terminal, the utility can be installed with:
    sudo apt-get install lynis
then get updates with:
    sudo lynis --check-update
and then run the tool, continuing interactively, with:
    sudo lynis -c
The lynis Logs

Once the scan is complete, it's time to see the issues.
The full log is at:
    sudo nano /var/log/lynis.log
The list of warnings is at:
    sudo grep Warning /var/log/lynis.log
The list of suggestions is at:
    sudo grep Suggestion /var/log/lynis.log
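The two grep commands above can be folded into one repeatable check. The script below is an added example, not part of the original presentation: it de-duplicates the Warning and Suggestion entries and returns a non-zero status when any warning is present. It assumes each finding is a single log line containing "Warning: " or "Suggestion: "; the function names and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the slides): summarize a lynis log for unattended use.
# Assumption: each finding is a single log line containing "Warning: " or
# "Suggestion: " followed by its message, the strings the slide greps for.

# lynis_findings KIND LOGFILE: print the unique messages of that kind, sorted.
lynis_findings() {
    kind=$1 log=$2
    # Keep only the text after "KIND: " so timestamps do not defeat de-duplication.
    sed -n "s/^.*${kind}: //p" "$log" | sort -u
}

# lynis_count KIND LOGFILE: print the number of unique findings of that kind.
lynis_count() {
    lynis_findings "$1" "$2" | wc -l | tr -d ' '
}

# lynis_gate LOGFILE: print a report; return 1 on any warning, 2 if unreadable.
lynis_gate() {
    log=$1
    [ -r "$log" ] || { echo "cannot read $log (the slides use sudo)" >&2; return 2; }
    w=$(lynis_count Warning "$log")
    s=$(lynis_count Suggestion "$log")
    echo "warnings: $w  suggestions: $s"
    lynis_findings Warning "$log" | sed 's/^/  W  /'
    lynis_findings Suggestion "$log" | sed 's/^/  S  /'
    [ "$w" -eq 0 ]
}

# make_sample_log: write a constructed sample (not real lynis output); print its path.
make_sample_log() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
[10:01:02] Performing test: check for vulnerable packages
[10:01:03] Warning: Found one or more vulnerable packages.
[10:01:04] Suggestion: Install a file integrity tool
[10:02:10] Warning: Found one or more vulnerable packages.
[10:02:11] Suggestion: Configure password aging limits
EOF
    echo "$f"
}

# With a log path argument, gate on it; with none, demo on the sample.
if [ -n "${1:-}" ]; then
    lynis_gate "$1"
else
    lynis_gate "$(make_sample_log)" || true
fi
```

Run it as root with /var/log/lynis.log as the argument after a scan; the exit status lets a scheduled job raise an alert only when warnings appear.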
A Few Other lynis Options
Scan options:
    --auditor "<name>"              : Auditor name
    --check-all (-c)                : Check system
    --no-log                        : Don't create a log file
    --profile <profile>             : Scan the system with the given profile file
    --quick (-Q)                    : Quick mode, don't wait for user input
    --tests "<tests>"               : Run only tests defined by <tests>
    --tests-category "<category>"   : Run only tests defined by <category>

Layout options:
    --no-colors                     : Don't use colors in output
    --quiet (-q)                    : No output, except warnings
    --reverse-colors                : Optimize color display for light backgrounds

Misc options:
    --check-update                  : Check for updates
    --view-manpage (--man)          : View man page
    --version (-V)                  : Display version number and quit
Final Thoughts on lynis
While the utility can find vulnerabilities, decisions have to be made as to the seriousness of the particular situation. For example, a file server in a LAN doesn't need as many protections as an Internet-facing webserver making use of databases, DNS and .

The more programs that are running on a server, and particularly those that face the Internet, the more protections are needed. Turning off unneeded programs certainly helps and would be a good first step.

Any computer or server making use of money transactions in any form needs special protections. Credit card transactions have strict rules that must be followed.

Decisions related to fixing the vulnerabilities involve people, costs, politics, etc. Each situation brings with it the good, the bad and the ugly. A safe balance is what's needed.
This OpenOffice.org Presentation 'lynis.odp' can be downloaded from