Lynis is an open source security monitoring tool. Used by system administrators, security professionals, and penetration testers to evaluate the security defense of Linux and UNIX-based systems.
It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.
Supported operating systems
Lynis runs on almost all UNIX-based systems and versions, including:
- and other
It even runs on Raspberry Pi or QNAP devices.
Lynis is lightweight and easy to use. The installation is optional: just copy it to a system and use the "./lynis audit system" command to start the security scan.
It is written in a script shell and is released as open source software (GPL). Software packages are available from the project repository.
Performs hundreds of individual tests. Each test helps determine the security status of the system. What happens during a scan with Lynis:
- Identify the operating system
- Search for available tools and utilities
- Check for Lynis updates
- Perform tests with enabled plugins
- Perform safety tests by category
- Report the status of the security scan
In addition to the data displayed on the screen, all technical details about the scan are stored in a log file. Any findings (warnings, suggestions, data collection) are stored in a reference file.
You can download the program from here.