Lynis is a control tool security open source. It is used by system administrators, security professionals, and penetration testers to assess the security defenses of Linux and UNIX-based systems.
It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.
Supported operating systems
Lynis runs on almost all UNIX-based systems and versions, including:
- AIX
- FreeBSD
- HP-UX
- Linux
- MacOS
- NetBSD
- OpenBSD
- Solaris
- and other
It even runs on Raspberry Pi or QNAP devices.
Optional installation
Lynis is lightweight and easy to use. The installation is optional: just copy it to a system and use the "./lynis audit system" command to start the security scan.
It is written in a script shell and is released as open source software (GPL). Software packages are available from the project repository.
Use
Runs hundreds of individual tests. Each test helps determine a system's security status. What happens during duration of a scan with Lynis:
Steps
- Identify the operating system
- Search for available tools and utilities
- Check for Lynis updates
- Perform tests with enabled plugins
- Perform safety tests by category
- Report the status of the security scan
In addition to the data shown in screen, all technical details about the scan are stored in a log file. Any findings (alerts, suggestions, data collection) are saved in a report file.
Snapshots applicationς
You can download it program from here.