Saturday, March 28, 2009

Lynis: Audit Your System

Ever since you installed your operating system, have your audit your system? Auditing is very important, as you don't know what happened with your system, mostly if more than one users are allowed to logged in and the computer is connected to the Internet all the time.

There could be files which are no longer needed, but still resides in many places, insecure configuration leading to security holes, incorrect file permission leading to compromised system, and many other things which could endanger your system from attackers.

If you are using Linux/Unix operating system, then you are quite lucky, as you can use Lynis. This application is an auditing tool for Unix which can help you audit your machines and then generate a report to be analyzed later. Basically it's a collection of shell scripts which tests your system against several test (like unit tests) and then report it to you. This application can work on many operating system as the website said and i have proven it to be working in Slackware without any modification at all. All i need to do is extract the archive and run it as root (or use sudo). It's very small application, as it's only around 96 KB. Get it HERE.

One more thing: It's running on console/terminal, so don't think about fancy graphical reports laughing