How to Install Lynis 2.2.0: Linux Security Auditing Tool


Lynis is a security auditing tool for Unix and Linux systems. It helps auditors scan a system and its security defenses and supports system hardening. The tool first gathers system information specific to the operating system type, the installed packages and the system and network configuration, and then checks the system for misconfigurations and security issues. This article shows how to install Lynis on Ubuntu.

Features

  • Open source
  • Written as a shell script
  • No dependencies
  • Easy to understand
  • Dynamic OS detection
  • More than 300 built-in tests
  • Support for custom tests
  • Plugin support
  • Compliance checks
  • Broad software support

Installing Lynis

Lynis needs no installation and can be run from any directory. As good practice, give it its own directory under /usr/local/lynis. Because Lynis is later run as root, keep this directory writable by root only, so that an unprivileged user cannot replace the script with a modified one:

# mkdir /usr/local/lynis

Download the stable release tarball. Before unpacking it, compare it against the checksum or GPG signature CISOfy publishes for the release:

# cd /usr/local/lynis
# wget https://cisofy.com/files/lynis-2.2.0.tar.gz

Sample output:

--2016-05-05 10:27:09-- https://cisofy.com/files/lynis-2.2.0.tar.gz
Resolving cisofy.com (cisofy.com)... 149.210.134.182, 2a01:7c8:aab2:209::1
Connecting to cisofy.com (cisofy.com)|149.210.134.182|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 202825 (198K) [application/octet-stream]
Saving to: ‘lynis-2.2.0.tar.gz’

lynis-2.2.0.tar.gz 100%[===================>] 198.07K 209KB/s in 0.9s

2016-05-05 10:27:11 (209 KB/s) - ‘lynis-2.2.0.tar.gz’ saved [202825/202825]

Now unpack the tarball:

# tar -xvf lynis-2.2.0.tar.gz

Sample output:

lynis/CHANGELOG
lynis/CONTRIBUTIONS.md
lynis/CONTRIBUTORS
lynis/FAQ
lynis/INSTALL
lynis/LICENSE
lynis/README
lynis/db/
lynis/db/integrity.db
lynis/db/sbl.db
lynis/db/fileperms.db
lynis/db/malware-susp.db
lynis/db/malware.db
lynis/db/hints.db
lynis/default.prf
lynis/extras/
lynis/extras/README
lynis/extras/files.dat
lynis/extras/lynis.spec
lynis/extras/systemd/
lynis/extras/systemd/lynis.service
lynis/extras/systemd/lynis.timer
lynis/extras/openbsd/
lynis/extras/openbsd/+CONTENTS
lynis/extras/check-lynis.sh
lynis/extras/bash_completion.d/
lynis/extras/bash_completion.d/lynis
lynis/extras/.bzrignore
lynis/extras/build-lynis.sh
lynis/include/
lynis/include/helper_audit_dockerfile
lynis/include/profiles
lynis/include/tests_malware
lynis/include/tests_containers
lynis/include/tests_accounting
lynis/include/parameters
lynis/include/tests_ssh
lynis/include/tool_tips
lynis/include/tests_time
lynis/include/tests_firewalls
lynis/include/tests_nameservices
lynis/include/binaries
lynis/include/tests_webservers
lynis/include/tests_squid
lynis/include/tests_storage_nfs
lynis/include/tests_insecure_services
lynis/include/tests_scheduling
lynis/include/tests_tooling
lynis/include/tests_hardening
lynis/include/tests_networking
lynis/include/tests_custom.template

......................................

Running Lynis: the basics

Lynis needs root privileges for a full audit. It writes its log to /var/log/lynis.log and a machine-readable report to /var/log/lynis-report.dat (both paths appear in the scan header below). For a scan without root privileges, use the --pentest option listed in the usage output. Run Lynis with:

# cd lynis
# ./lynis

Run without arguments, Lynis prints the usage text with the available modes and options:

[ Lynis 2.2.0 ]

################################################################################
   comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
   welcome to redistribute it under the terms of the GNU General Public License.
   See the LICENSE file for details about using this software.

   Copyright 2007-2016 - CISOfy, https://cisofy.com/lynis/
   Enterprise support and plugins available via CISOfy
################################################################################

[+] Initializing program
------------------------------------

   Usage: lynis [options] mode


   Mode:

      audit
         audit system          : Perform security scan
         audit dockerfile      : Analyze Dockerfile

      update
         update info           : Show update details
         update release        : Update Lynis release


   Scan options:
      --auditor ""             : Auditor name
      --dump-options           : See all available options
      --no-log                 : Don't create a log file
      --pentest                : Non-privileged scan (useful for pentest)
      --profile                : Scan the system with the given profile file
      --quick (-Q)             : Quick mode, don't wait for user input
      --tests ""               : Run only tests defined by
      --tests-category ""      : Run only tests defined by

   Layout options:
      --no-colors              : Don't use colors in output
      --quiet (-q)             : No output, except warnings
      --reverse-colors         : Optimize color display for light backgrounds

...............................................................................................

To scan the whole system, pass the --check-all (-c) parameter; this is the same as the "audit system" mode shown in the usage above:

# ./lynis --check-all

Sample output:

[+] Initializing program
------------------------------------
   - Detecting OS...                         [ DONE ]

---------------------------------------------------
   Program version:               2.2.0
   Operating system:              Linux
   Operating system name:         Ubuntu
   Operating system version:      16.04
   Kernel version:                4.4.0
   Hardware platform:             x86_64
   Hostname:                      linux
   Auditor:                       [Unknown]
   Profile:                       ./default.prf
   Log file:                      /var/log/lynis.log
   Report file:                   /var/log/lynis-report.dat
   Report version:                1.0
   Plugin directory:              ./plugins
   ---------------------------------------------------
   - Checking profile file (./default.prf)...
   - Program update status...                [ NO UPDATE ]

[+] System Tools
------------------------------------
   - Scanning available tools...
   - Checking system binaries...

[+] Plugins (phase 1)
------------------------------------
   Note: plugins have more extensive tests, which may take a few minutes to complete

      - Plugins enabled                      [ NONE ]

[+] Boot and services
------------------------------------
   - Service Manager                            [ systemd ]
   - Checking UEFI boot                         [ ENABLED ]
   - Checking Secure Boot                       [ DISABLED ]
   - Checking presence GRUB2                    [ FOUND ]
      - Checking for password protection        [ WARNING ]
   - Check running services (systemctl)         [ DONE ]
         Result: found 31 running services
   - Check enabled services at boot (systemctl) [ DONE ]
         Result: found 38 enabled services
   - Check startup files (permissions)          [ OK ]

Creating a Lynis cron job

To have Lynis produce a scan report every day, create a cron job. As root, open the crontab:

# crontab -e

Sample output (the header comments of the crontab file):

# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/

Add the following line to run the scan every day at 22:30. The file opened by crontab -e is root's own crontab, so the line has no user field; if you place the job in /etc/crontab or a file under /etc/cron.d/ instead, insert the user name root between the schedule and the command.

30 22 * * * /path/to/lynis -c -Q --auditor "automated" --cronjob

With the layout used above, /path/to/lynis is /usr/local/lynis/lynis/lynis. The --cronjob option makes the scan run non-interactively, as needed for unattended use.
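The cron job above only produces the report; nobody reads /var/log/lynis-report.dat unless something turns it into an alert. The following added example, which is not code from the article or from the Lynis project, parses the report format (key=value lines, with repeated warning[] and suggestion[] keys whose fields are separated by "|") and decides whether a run needs attention. The report text, the test ids and messages, the function names and the hardening-index threshold of 70 are all constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the article or from the Lynis project): turn the
# machine-readable report that the nightly scan writes to
# /var/log/lynis-report.dat into a pass/alert decision a cron wrapper can act on.
# The report is a key=value file; repeated keys such as warning[] and
# suggestion[] carry pipe-separated fields (test id | message | details | ...).
# SAMPLE_REPORT below is a CONSTRUCTED sample in that format, not output
# captured from a real host; its test ids and messages are illustrative.

SAMPLE_REPORT=$(cat <<'EOF'
# Lynis Report
report_version_major=1
report_version_minor=0
lynis_version=2.2.0
hostname=linux
os=Linux
os_name=Ubuntu
os_version=16.04
hardening_index=58
warning[]=BOOT-5122|No password set on GRUB bootloader|-|
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|
suggestion[]=AUTH-9262|Install a PAM module for password strength testing|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (YES --> NO)|
EOF
)

# First value of a scalar key, e.g. report_value "$report" hardening_index -> 58
report_value() {
    printf '%s\n' "$1" | sed -n "s/^$2=//p" | head -n 1
}

# Number of repeated entries for a key such as warning or suggestion
report_count() {
    printf '%s\n' "$1" | awk -v k="$2" 'index($0, k "[]=") == 1 { n++ } END { print n + 0 }'
}

# "TEST-ID: message" for each entry of a key (first two pipe-separated fields)
report_items() {
    printf '%s\n' "$1" | sed -n "s/^$2\[\]=//p" | awk -F'|' '{ print $1 ": " $2 }'
}

# Exit 0 when a human should look at the run: any warning, or a hardening
# index below the threshold given as $2 (the threshold is a local policy choice)
report_needs_attention() {
    _warnings=$(report_count "$1" warning)
    _index=$(report_value "$1" hardening_index)
    [ "$_warnings" -gt 0 ] || [ "${_index:-0}" -lt "$2" ]
}

# Usage: in the cron wrapper, after the scan has run, replace SAMPLE_REPORT with
#   REPORT=$(cat /var/log/lynis-report.dat)
# and mail or ticket the summary whenever attention is needed.
echo "Lynis $(report_value "$SAMPLE_REPORT" lynis_version) on $(report_value "$SAMPLE_REPORT" hostname):" \
     "hardening index $(report_value "$SAMPLE_REPORT" hardening_index)," \
     "$(report_count "$SAMPLE_REPORT" warning) warning(s)," \
     "$(report_count "$SAMPLE_REPORT" suggestion) suggestion(s)"
if report_needs_attention "$SAMPLE_REPORT" 70; then
    echo "ATTENTION required:"
    report_items "$SAMPLE_REPORT" warning | sed 's/^/  /'
fi
```

Keying the alert on warning[] entries and on the hardening index, rather than on the log file, keeps the wrapper stable: the log is free-form text that changes between releases, while the report is the structured output Lynis intends other tools to consume.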

Updating Lynis

To check for a newer release and update Lynis, use the following commands:

# ./lynis update info       [Show update details]
# ./lynis update release    [Update Lynis release]

After reading this article you should be able to install Lynis 2.2.0. Our next article will bring more Linux-based tips and tricks; stay tuned!

Updated on: 22 January 2020
