Package
- lynis - Security auditing tool for Unix based systems
Usage
Usage: lynis command [options]
Command:
audit
audit system : Perform local security scan
audit system remote <host> : Remote security scan
audit dockerfile <file> : Analyze Dockerfile
show
show : Show all commands
show version : Show Lynis version
show help : Show help
update
update info : Show update details
Options:
Alternative system audit modes
--forensics : Perform forensics on a running or mounted system
--pentest : Non-privileged, show points of interest for pentesting
Layout options
--no-colors : Don´t use colors in output
--quiet (-q) : No output
--reverse-colors : Optimize color display for light backgrounds
--reverse-colours : Optimize colour display for light backgrounds
Misc options
--debug : Debug logging to screen
--no-log : Don´t create a log file
--profile <profile> : Scan the system with the given profile file
--view-manpage (--man) : View man page
--verbose : Show more details on screen
--version (-V) : Display version number and quit
--wait : Wait between a set of tests
--slow-warning <seconds> : Threshold for slow test warning in seconds (default 10)
Enterprise options
--plugindir <path> : Define path of available plugins
--upload : Upload data to central node
More options available. Run ´/usr/sbin/lynis show options´, or use the man page.
No command provided. Exiting..
Install lynis
sudo apt install lynis
Remove lynis
sudo apt remove lynis
Depends
- e2fsprogs - ext2/ext3/ext4 file system utilities
Recommends
- menu - Generates programs menu for all menu-aware applications
Suggests
- aide - Advanced Intrusion Detection Environment - dynamic binary
- debsecan - Debian Security Analyzer
- debsums - Tool for verification of installed package files against MD5 checksums
- dnsutils - ransitional package for bind9-dnsutils
- fail2ban - Ban hosts that cause multiple authentication errors
- samhain - Data integrity and host intrusion alert system
- tripwire - File and directory integrity checker