Lynis is an open source security monitoring tool. Used by system administrators, security professionals, and penetration testers to evaluate the security defense of Linux and UNIX-based systems.
It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.
Supported operating systems
Lynis runs on almost all UNIX-based systems and versions, including:
- AIX
- FreeBSD
- HP-UX
- Linux
- MacOS
- NetBSD
- OpenBSD
- Solaris
- and other
It even runs on Raspberry Pi or QNAP devices.
Optional installation
Lynis is lightweight and easy to use. Installation is optional: just copy it to a system and use the command “./lynis audit system” to start the security scan.
It is written in script shell and is released as open source software ( GPL ). Packages software are available from the project repository.
Use
Performs hundreds of individual tests. Each test helps determine the security status of the system. What happens during a scan with Lynis:
Steps
- Identify the operating system
- Search for available tools and utilities
- Check for Lynis updates
- Perform tests with enabled plugins
- Perform safety tests by category
- Report the status of the security scan
In addition to the data displayed on the screen, all technical details about the scan are stored in a log file. Any findings (warnings, suggestions, data collection) are stored in a reference file.
Application snapshots
You can download the program from here.