Using Lynis to Scan Linux for Vulnerabilities
-
This is a new tool that I just learned about and wanted to share. Lynis is a Linux vulnerability scanner.
-
This will be really helpful, thanks!
-
Thanks once again @scottalanmiller had a customer who wanted to secure his linux web server and he was about to face an audit! I installed the server with all necessary updates, patches and setup configserverfirewall, scanned for issues, fixed that as well. Then used Lynis and scanned and fixed the issues shown on that as well. To my surprise, the audit team also scanned with Lynis and found everything OK!
I am adding this tool to my fav list!
Thank you!
-
That's awesome. Good to know that Linux security auditors use this too. That's very good to know.
-
Sounds like a good tool to know!
-
Yes, it is! I am planning to have the enterprise version for all our hosting servers, just as an added security measure. It even scans your server and show if you are patched against the shellshock and other vulnerabilities.
-
I was just checking the enterprise version, but the initial licensing is minimum 10 servers with 1 year plan. So on the last stage of registration, I dropped the plan, as I wanted to make sure the enterprise version is worth the upgrade before going full fledge.
Today I got an email from the Lynis team, offered me a single server enterprise version for testing. Response and support from them seems to be good. Will evaluate a test server with that and share the details here.
-
@ambarishrh said:
Today I got an email from the Lynis team, offered me a single server enterprise version for testing. Response and support from them seems to be good. Will evaluate a test server with that and share the details here.
Awesome. Looking forward to hearing how it is.
-
So I got a chance to work on Lynis enterprise edition and here are some snapshots from the web interface.
The solution is getting regular updates, so the real screenshots might look somewhat different. I think the images are pretty self explanatory!!
-
Very nice. that's a great tool!!