How to install Lynis 2.2.0 – Linux security auditing tool
Lynis is a security auditing tool for Unix- and Linux-based systems. It helps auditors scan a system and its security defenses so that the system's security can be improved. The tool gathers system information specific to the OS type, the installed packages, and the system and network configuration, and then checks the system for misconfigurations and security issues. This article describes how to install Lynis on Ubuntu.
Features
Open source
Written as a shell script
No dependencies
Easy to understand
Dynamic OS detection
More than 300 built-in tests
Support for custom tests
Plugin support
Support for compliance checks
Broad software support
Installing Lynis
Lynis does not require any installation and can be run directly from any directory. As a matter of good practice, create a dedicated directory for Lynis under /usr/local/lynis, as shown below:
# mkdir /usr/local/lynis
Download the stable release of the Lynis source tarball as shown below:
# cd /usr/local/lynis
# wget https://cisofy.com/files/lynis-2.2.0.tar.gz
The sample output should look like this:
--2016-05-05 10:27:09--  https://cisofy.com/files/lynis-2.2.0.tar.gz
Resolving cisofy.com (cisofy.com)... 149.210.134.182, 2a01:7c8:aab2:209::1
Connecting to cisofy.com (cisofy.com)|149.210.134.182|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 202825 (198K) [application/octet-stream]
Saving to: ‘lynis-2.2.0.tar.gz’

lynis-2.2.0.tar.gz   100%[===================>] 198.07K   209KB/s   in 0.9s

2016-05-05 10:27:11 (209 KB/s) - ‘lynis-2.2.0.tar.gz’ saved [202825/202825]
Now unpack the archive you just downloaded, as shown below:
# tar -xvf lynis-2.2.0.tar.gz
The sample output should look like this:
lynis/CHANGELOG
lynis/CONTRIBUTIONS.md
lynis/CONTRIBUTORS
lynis/FAQ
lynis/INSTALL
lynis/LICENSE
lynis/README
lynis/db/
lynis/db/integrity.db
lynis/db/sbl.db
lynis/db/fileperms.db
lynis/db/malware-susp.db
lynis/db/malware.db
lynis/db/hints.db
lynis/default.prf
lynis/extras/
lynis/extras/README
lynis/extras/files.dat
lynis/extras/lynis.spec
lynis/extras/systemd/
lynis/extras/systemd/lynis.service
lynis/extras/systemd/lynis.timer
lynis/extras/openbsd/
lynis/extras/openbsd/+CONTENTS
lynis/extras/check-lynis.sh
lynis/extras/bash_completion.d/
lynis/extras/bash_completion.d/lynis
lynis/extras/.bzrignore
lynis/extras/build-lynis.sh
lynis/include/
lynis/include/helper_audit_dockerfile
lynis/include/profiles
lynis/include/tests_malware
lynis/include/tests_containers
lynis/include/tests_accounting
lynis/include/parameters
lynis/include/tests_ssh
lynis/include/tool_tips
lynis/include/tests_time
lynis/include/tests_firewalls
lynis/include/tests_nameservices
lynis/include/binaries
lynis/include/tests_webservers
lynis/include/tests_squid
lynis/include/tests_storage_nfs
lynis/include/tests_insecure_services
lynis/include/tests_scheduling
lynis/include/tests_tooling
lynis/include/tests_hardening
lynis/include/tests_networking
lynis/include/tests_custom.template
......................................
Running and using Lynis: the basics
Lynis needs root privileges to run, and it writes its log to the /var/log/lynis.log file. Run Lynis with the following commands:
# cd lynis
# ./lynis
Run without arguments, the command above prints the full list of available parameters, as shown below:
[ Lynis 2.2.0 ]

################################################################################
  comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
  welcome to redistribute it under the terms of the GNU General Public License.
  See the LICENSE file for details about using this software.

  Copyright 2007-2016 - CISOfy, https://cisofy.com/lynis/
  Enterprise support and plugins available via CISOfy
################################################################################

[+] Initializing program
------------------------------------

Usage: lynis [options] mode

Mode:
    audit
        audit system                  : Perform security scan
        audit dockerfile              : Analyze Dockerfile
    update
        update info                   : Show update details
        update release                : Update Lynis release

Scan options:
    --auditor ""                      : Auditor name
    --dump-options                    : See all available options
    --no-log                          : Don't create a log file
    --pentest                         : Non-privileged scan (useful for pentest)
    --profile                         : Scan the system with the given profile file
    --quick (-Q)                      : Quick mode, don't wait for user input
    --tests ""                        : Run only tests defined by
    --tests-category ""               : Run only tests defined by

Layout options:
    --no-colors                       : Don't use colors in output
    --quiet (-q)                      : No output, except warnings
    --reverse-colors                  : Optimize color display for light backgrounds
...............................................................................................
To start an audit, pass the --check-all parameter, which scans the entire Linux system, as shown below:
# ./lynis --check-all
The sample output should look like this:
[+] Initializing program
------------------------------------
  - Detecting OS...                                           [ DONE ]

  ---------------------------------------------------
  Program version:           2.2.0
  Operating system:          Linux
  Operating system name:     Ubuntu
  Operating system version:  16.04
  Kernel version:            4.4.0
  Hardware platform:         x86_64
  Hostname:                  linux
  Auditor:                   [Unknown]
  Profile:                   ./default.prf
  Log file:                  /var/log/lynis.log
  Report file:               /var/log/lynis-report.dat
  Report version:            1.0
  Plugin directory:          ./plugins
  ---------------------------------------------------
  - Checking profile file (./default.prf)...
  - Program update status...                                  [ NO UPDATE ]

[+] System Tools
------------------------------------
  - Scanning available tools...
  - Checking system binaries...

[+] Plugins (phase 1)
------------------------------------
 Note: plugins have more extensive tests, which may take a few minutes to complete

  - Plugins enabled                                           [ NONE ]

[+] Boot and services
------------------------------------
  - Service Manager                                           [ systemd ]
  - Checking UEFI boot                                        [ ENABLED ]
  - Checking Secure Boot                                      [ DISABLED ]
  - Checking presence GRUB2                                   [ FOUND ]
    - Checking for password protection                        [ WARNING ]
  - Check running services (systemctl)                        [ DONE ]
        Result: found 31 running services
  - Check enabled services at boot (systemctl)                [ DONE ]
        Result: found 38 enabled services
  - Check startup files (permissions)                         [ OK ]
Creating Lynis cron jobs
To create a Lynis cron job that produces a daily scan report, open the crontab with the following command:
# crontab -e
The sample output should look like this:
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
Add the following line to run the cron job every day at 10:30 PM. Here -c is the short form of --check-all, -Q (quick mode) stops Lynis from waiting for user input, and --cronjob adapts the run for unattended execution. Note that the user field (root) belongs only in a system crontab such as /etc/crontab or a file under /etc/cron.d; in a per-user crontab opened with crontab -e, leave it out, because cron would otherwise try to execute "root" as the command.
30 22 * * * root /path/to/lynis -c -Q --auditor "automated" --cronjob
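A scheduled run is only useful if someone looks at the result. The script below is an added example, not part of the original article and not code from the Lynis project: it summarises the report file that the audit writes (the page shows it as /var/log/lynis-report.dat) into one line that a cron wrapper can log or mail, and returns a non-zero exit status when warnings are present or the hardening index falls below a threshold. The key names (warning[], suggestion[], hardening_index, lynis_version, hostname) follow the report.dat key=value format as I understand it; the sample report embedded in write_sample_report is constructed for this example, and the script falls back to it when no real report is readable.

```shell
#!/bin/sh
# Added example, not part of the original article or of Lynis itself:
# summarise a Lynis report file so a cron job can mail or log one line.
# Lynis writes /var/log/lynis-report.dat as key=value lines; multi-valued
# keys carry a "[]" suffix (warning[]=..., suggestion[]=...), with fields
# separated by "|". The key names follow that format as I understand it;
# the sample report below is constructed for this example.

# write_sample_report FILE : write a constructed report into FILE
write_sample_report() {
    cat > "$1" <<'EOF'
# Lynis Report (constructed sample)
report_version_major=1
report_version_minor=0
lynis_version=2.2.0
hostname=linux
os=Linux
warning[]=BOOT-5122|No password set for GRUB2 boot loader|-|-|
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|
suggestion[]=BOOT-5122|Set a password on the GRUB boot loader|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (YES --> NO)|-|
hardening_index=64
EOF
}

# count_key FILE KEY : how many KEY[]= lines the report holds (0 if none)
count_key() {
    grep -c "^$2\[]=" "$1" || true
}

# report_value FILE KEY : value of a single-valued key such as hardening_index
report_value() {
    sed -n "s/^$2=//p" "$1" | head -n 1
}

# list_test_ids FILE KEY : sorted, de-duplicated test IDs (first field) of KEY[] lines
list_test_ids() {
    sed -n "s/^$2\[]=//p" "$1" | cut -d '|' -f 1 | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# summary FILE : one line suitable for a log entry or a mail subject
summary() {
    printf 'host=%s lynis=%s hardening_index=%s warnings=%s suggestions=%s\n' \
        "$(report_value "$1" hostname)" \
        "$(report_value "$1" lynis_version)" \
        "$(report_value "$1" hardening_index)" \
        "$(count_key "$1" warning)" \
        "$(count_key "$1" suggestion)"
}

# check_report FILE MIN_INDEX : succeed only when the report has no warnings
# and the hardening index is at least MIN_INDEX; a cron wrapper can use the
# exit status to decide whether to alert
check_report() {
    [ "$(count_key "$1" warning)" -eq 0 ] &&
        [ "$(report_value "$1" hardening_index)" -ge "$2" ]
}

# Stand-alone run: use the real report when it is readable, otherwise the sample
REPORT="${1:-/var/log/lynis-report.dat}"
if [ ! -r "$REPORT" ]; then
    REPORT="$(mktemp)"
    write_sample_report "$REPORT"
fi
summary "$REPORT"
if ! check_report "$REPORT" 70; then
    echo "warnings present or hardening index below 70: $(list_test_ids "$REPORT" warning)"
fi
```

Invoked from the cron entry right after the Lynis run (for example with `/path/to/lynis -c -Q --cronjob && /path/to/this-script.sh /var/log/lynis-report.dat`), the one-line summary lands in the cron mail while the exit status lets a wrapper page someone only when the audit actually regressed; the threshold of 70 is an arbitrary value chosen for the example.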
Updating Lynis
To update Lynis, use the following commands:
# ./lynis update info      [Show update details]
# ./lynis update release   [Update Lynis release]
After reading this article, you should understand how to install Lynis 2.2.0. In our next article we will present more Linux-based tips. Keep reading!