Check the security of your Linux box with this comprehensive open source security auditing tool.
By: Gaurav Kamathe | ZDnet.
Have you ever thought about how secure your Linux machine really is? There are numerous Linux distros, each with its own default settings, on which you run dozens of software packages with different version numbers, and numerous services running in the background, which we hardly know or care about.
To find the security posture – the overall security status of the software, network ad services running on your Linux machine – you could run a few commands and get bits and pieces of relevant information, but the amount of data you need to parse is huge.
It would be so much better if you could just run a tool that generates a report on a machine’s security posture. And luckily there is one: Lynis. It is an extremely popular open source security auditing tool that helps with hardening Linux- and Unix-based systems. According to the project:
“It performs an in-depth security scan and runs on the system itself. The primary goal is to test security defenses and provide tips for further system hardening. It will also scan for general system information, vulnerable software packages, and possible configuration issues. Lynis [is] commonly used by system administrators and auditors to assess the security defenses of their systems.”
Read the full article here.