Installing the Lynis audit tool on CentOS 8

Time:2022-5-25

Lynis is an open source security audit tool designed for Linux and UNIX derivatives such as FreeBSD and OpenBSD. It is used for a variety of purposes, including security audit, vulnerability detection and compliance testing. The purpose of using audit tools such as lynis is to detect and resolve any potential security vulnerabilities and configuration errors, such as weak passwords or inappropriate permissions.
Install Lynis
Next, use the DNF package manager to install Lynis (on CentOS 8, yum is an alias for dnf):

# yum -y install lynis
Check the installed version. It matches the current version on the official website:

# lynis --version
3.0.6
Lynis commands
To display the available commands, execute the following command:

# lynis show commands

Commands:
lynis audit
lynis configure
lynis generate
lynis show
lynis update
lynis upload-only
Lynis also comes with audit profiles that describe how security audits should be performed. The profiles are located in the /etc/lynis directory.

The following command lists the audit profiles:

# lynis show profiles
/etc/lynis/default.prf
In addition, you can display the settings of lynis as follows:

# lynis show settings

How to perform security audits using lynis
To perform a basic security audit of the system, run the following command:

# lynis audit system
When this command is executed, Lynis detects any potential weaknesses or vulnerabilities in the system and software configuration. Lynis then records the audit information in the /var/log/lynis.log file and stores the audit report in the /var/log/lynis-report.dat file.

Key areas in which lynis performs system checks include:

  1. Boot files
  2. Software packages
  3. Configuration files
  4. Directories related to logging and auditing

In the process of a system audit, you are likely to encounter different audit results. The result keywords include Found, OK, Not Found, Suggestion, Warning, and so on.

Special attention should be paid to system checks that generate a warning. Measures should be taken to solve the problems described, as they may undermine the security of the system.

In our audit, Lynis flagged a problem related to SELinux.
At the end of the scan, you receive an audit summary, including warnings and suggestions that can be used to enhance system security. Each suggestion comes with a URL that documents how to solve the problem.

View details of a specific audit
Each system check is associated with a unique test ID. To display specific details of a test, use the following syntax:

$ lynis show details TEST-ID
For example, to view the details of the warnings and suggestions we received in the summary section, run the following command, where SSH-7408 is the test ID.

# lynis show details SSH-7408
Run the following command to view the available test IDs:

# lynis show tests
To view the entire audit information, simply view the Lynis audit log file.

# less /var/log/lynis.log
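The test IDs to look up with "lynis show details" can also be pulled from the report file instead of being read off the screen. The script below is an added example, not part of the original article or of the Lynis project; it assumes the report stores findings as warning[]= and suggestion[]= lines with pipe-separated fields, and the function names and the sample report are made up for illustration.

```shell
#!/bin/sh
# Added example: list findings recorded in a Lynis report file.
# Assumption: findings are lines shaped like
#   warning[]=TEST-ID|message|details|solution|
#   suggestion[]=TEST-ID|message|details|solution|

# lynis_findings KIND FILE -> one "TEST-ID<TAB>message" line per finding.
# KIND is "warning" or "suggestion".
lynis_findings() {
    kind=$1
    report=$2
    [ -r "$report" ] || { echo "cannot read $report" >&2; return 2; }
    awk -v key="${kind}[]=" '
        index($0, key) == 1 {                 # literal prefix match, no regex
            n = split(substr($0, length(key) + 1), f, "|")
            if (n >= 2 && f[1] != "") printf "%s\t%s\n", f[1], f[2]
        }' "$report"
}

# lynis_test_ids FILE -> unique test IDs, warnings first, one per line,
# ready to pass to "lynis show details".
lynis_test_ids() {
    { lynis_findings warning "$1"; lynis_findings suggestion "$1"; } |
        cut -f1 | awk '!seen[$0]++'
}

# Constructed sample (not output of a real scan). SSH-7408 is the ID used
# on this page; the DEMO-* IDs and all messages are made up.
write_sample_report() {
    cat > "$1" <<'EOF'
report_version_major=1
hardening_index=65
warning[]=DEMO-0001|Constructed warning text|-|-|
suggestion[]=SSH-7408|Constructed SSH suggestion|AllowTcpForwarding|-|
suggestion[]=SSH-7408|Constructed SSH suggestion|ClientAliveCountMax|-|
suggestion[]=DEMO-0002|Constructed suggestion text|-|-|
EOF
}

sample=$(mktemp)
write_sample_report "$sample"
echo "Warnings:"; lynis_findings warning "$sample"
echo "Test IDs to review:"; lynis_test_ids "$sample"
rm -f "$sample"
```

On an audited host, call lynis_test_ids /var/log/lynis-report.dat as root and pass each ID it prints to lynis show details.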
Summary
It’s easy to install lynis and run audit reports. This provides much-needed visibility to the system and provides key recommendations that can improve server security.