Lynis is an open-source security auditing tool used for in-depth system-wide security scans. It provides useful information about vulnerabilities in your system and suggestions on how to improve security. Lynis allows you to easily scan your system features such as application patch management, ports, file system, kernel, databases, and much more. System admins and security professionals can scan systems extensively in a very short time.
Lynis can be used in both enterprise environments and on small and medium enterprises.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related Linux security scans queries.
In this context, we shall look into how to install and use Lynis on Ubuntu 20.04
1. Check version available in repo
First, let's check the Lynis version available in the Ubuntu 20.04 repo. Run the below command:
$ apt-cache policy lynis
You can download the latest release from the Lynis community software repository.
2. Install PGP key & Repo
First, download and add the PGP signing key from a central keyserver. Execute the commands:
$ wget -O - https://packages.cisofy.com/keys/cisofy-software-public.key | sudo apt-key add -
Next, add the Lynis repository to the system package repository list with the below command:
$ echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
To use Lynis with only English, disable translations from being downloaded with the below command:
$ echo 'Acquire::Languages "none";' | sudo tee /etc/apt/apt.conf.d/99disable-translations
3. Perform System Update
Next, update the system packages before proceeding with the installation. Run the commands:
$ sudo apt install apt-transport-https
$ sudo apt update
4. Install Lynis
Now we are ready to install Lynis on our system. Execute the command:
$ sudo apt install lynis
Once the installation is done, confirm the Lynis version installed on your system with the below command:
$ lynis show version
Now that the latest version of Lynis is installed, let's learn how to use this tool to audit the system. The syntax of the Lynis command is as follows:
$ lynis [scan mode] [other options]
We can view the Lynis commands as shown:
$ lynis show commands
To view settings run:
$ lynis show settings
To perform a system audit on the machine, simply run the following command:
$ sudo lynis audit system
During the auditing process, Lynis executes tests and generates output separated into many areas such as security, suggestions, file system, test result, debug information, and so on. The auditing report is saved to /var/log/lynis-report.dat, and all test and debug information is written to /var/log/lynis.log. The report file contains general information on the system application, server vulnerable packages, and so forth. The prior test results will be overwritten each time you perform a new system audit.
Lynis usually provides suggestions at the end of the auditing on how to harden your system.
Each system check has a unique test ID. If you require additional information about a certain test, use the command below and its ID and display further information.
$ lynis show details TEST-ID
To uninstall only the lynis package we can use the following command:
$ sudo apt-get remove lynis
We can use the following command to remove lynis configurations, data and all of its dependencies, we can use the following command:
$ sudo apt-get -y autoremove --purge lynis
This article covers how to install and use the Lynis tool to audit our Ubuntu system. In fact, Lynis is a free & open-source security audit tool. It is installed by system administrators and security professionals to find the system vulnerabilities. It is easy to use & easy to scan the system. We can easily scan application patch management, file system, ports, Software malware, kernel vulnerability & etc.
How To Install lynis on Ubuntu 21.04 ?
Lynis is an auditing tool for hardening GNU/Linux and Unix based systems. It scans the system configuration and creates an overview of system information and security issues usable by professional auditors. It can assist in automated audits.
To Install lynis Using apt, Update apt database with apt using the following command:
$ sudo apt update
After updating apt database, We can install lynis using apt by running the following command:
$ sudo apt -y install lynis